CVE-2023-20692 : In wlan firmware, there is possible system crash due to an uncaught exception. T

In wlan firmware, there is possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664720; Issue ID: ALPS07664720.

Published 2023-07-04 02:15:10

Updated 2023-07-07 23:53:28

Source MediaTek, Inc.

View at NVD, CVE.org

Vulnerability category: Denial of service

Products affected by CVE-2023-20692

Google » Android » Version: 11.0
cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*
Matching versions
When used together with: Mediatek » Mt6739 » Version: N/A
When used together with: Mediatek » Mt8167 » Version: N/A
When used together with: Mediatek » Mt8168 » Version: N/A
When used together with: Mediatek » Mt8321 » Version: N/A
When used together with: Mediatek » Mt8365 » Version: N/A
When used together with: Mediatek » Mt8385 » Version: N/A
When used together with: Mediatek » Mt8666 » Version: N/A
When used together with: Mediatek » Mt8765 » Version: N/A
When used together with: Mediatek » Mt8788 » Version: N/A
Linuxfoundation » Yocto » Version: 4.0
cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*
Matching versions
When used together with: Mediatek » Mt6739 » Version: N/A
When used together with: Mediatek » Mt8167 » Version: N/A
When used together with: Mediatek » Mt8168 » Version: N/A
When used together with: Mediatek » Mt8321 » Version: N/A
When used together with: Mediatek » Mt8365 » Version: N/A
When used together with: Mediatek » Mt8385 » Version: N/A
When used together with: Mediatek » Mt8666 » Version: N/A
When used together with: Mediatek » Mt8765 » Version: N/A
When used together with: Mediatek » Mt8788 » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2023-20692

EPSS FAQ

1.10%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 76 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-20692

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H	3.9	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2023-20692

CWE-755 Improper Handling of Exceptional Conditions

The product does not handle or incorrectly handles an exceptional condition.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2023-20692

https://corp.mediatek.com/product-security-bulletin/July-2023

July 2023
Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2023-20692

Products affected by CVE-2023-20692

Exploit prediction scoring system (EPSS) score for CVE-2023-20692

CVSS scores for CVE-2023-20692

CWE ids for CVE-2023-20692

References for CVE-2023-20692