Vulnerability
CVE-2023-20702
Component: CELLULAR
Location: FIRMWARE
In 5G NRLC, there is a possible invalid memory access due to lack of error handling. This could lead to remote denial of service, if UE received invalid 1-byte rlc sdu, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00921261; Issue ID: MOLY01128895.
Impact
Severity (Manufact.)
HIGH
Severity (NIST)
7.5
Severity (Android)
N/A
Chipsets
32
Devices
122
Affected Hardware
| Name | Also known as | Manufacturer |
|---|---|---|
| MT6873 | Dimensity 800 | MediaTek |
| MT6875 | Dimensity 820 | MediaTek |
| MT6883Z/CZA | Dimensity 1000C | MediaTek |
| MT6885Z/CZA | Dimensity 1000L | MediaTek |
| MT6889 | Dimensity 1000 | MediaTek |
| MT6889Z/CZA | Dimensity 1000+ | MediaTek |
| MT6879 | Dimensity 1050 | MediaTek |
| MT6879V/ZA | Dimensity 1050 | MediaTek |
| MT6886 | Dimensity 7200 | MediaTek |
| MT6895 | Dimensity 8000 | MediaTek |
32 of 32 row(s) shown.
Rows per page
Page 1 of 4
Information reliability
The information on this website is intended to provide information on the big picture of chipset security and measure trends within the industry. Our information is obtained from several vantage points, checked for consistency, and automatically cross-referenced. However, this process may not always yield reliable information. Do not use the information on a particular vulnerability, chipset or device to verify your individual exposure in cases where inaccuracies are inacceptable, for instance to assess risks if you are a Politically Exposed Person.
Timeline
Introduced (est):
Jan 1, 2020
Reported:
Unknown
Advisory Published:
Nov 6, 2023
CVE Published:
Nov 6, 2023
Android Patch Level:
Nov 2023
