Mediatek Iot_yocto
24 CVEs affecting Mediatek Iot_yocto. Latest disclosed: 2025-10-14. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-20100 | Critical | 9.8 | 2024-10-07 | In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution… |
CVE-2025-20721 | High | 7.8 | 2025-10-14 | In imgsensor, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has… |
CVE-2023-32820 | High | 7.5 | 2023-10-02 | In wlan firmware, there is a possible firmware assertion due to improper input handling. This could lead to remote denial of service with no additional executi… |
CVE-2023-32829 | Medium | 6.7 | 2023-10-02 | In apusys, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privilege… |
CVE-2023-32828 | Medium | 6.7 | 2023-10-02 | In vpu, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges n… |
CVE-2023-32811 | Medium | 6.7 | 2023-09-04 | In connectivity system driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with… |
CVE-2023-32806 | Medium | 6.7 | 2023-09-04 | In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System executio… |
CVE-2023-20673 | Medium | 6.7 | 2023-05-15 | In vcu, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed… |
CVE-2023-20850 | Medium | 6.5 | 2023-09-04 | In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System exe… |
CVE-2023-20849 | Medium | 6.5 | 2023-09-04 | In imgsys_cmdq, there is a possible use after free due to a missing valid range checking. This could lead to local escalation of privilege with System executio… |
CVE-2023-20848 | Medium | 6.5 | 2023-09-04 | In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local escalation of privilege with System exec… |
CVE-2023-20842 | Medium | 6.5 | 2023-09-04 | In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System exe… |
CVE-2023-20841 | Medium | 6.5 | 2023-09-04 | In imgsys, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System executio… |
CVE-2023-20840 | Medium | 6.5 | 2023-09-04 | In imgsys, there is a possible out of bounds read and write due to a missing valid range checking. This could lead to local escalation of privilege with System… |
CVE-2023-20835 | Medium | 6.4 | 2023-09-04 | In camsys, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed… |
CVE-2024-20055 | Medium | 6.3 | 2024-04-01 | In imgsys, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution priv… |
CVE-2023-32807 | Medium | 4.4 | 2023-09-04 | In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution… |
CVE-2023-20812 | Medium | 4.4 | 2023-08-07 | In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local information disclosure with System execution… |
CVE-2023-20847 | Medium | 4.2 | 2023-09-04 | In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local denial of service with System execution… |
CVE-2023-20846 | Medium | 4.2 | 2023-09-04 | In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execu… |