In preloader, there is a possible read of device unique identifiers due to a logic error. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation.
Patch ID: ALPS10607099; Issue ID: MSV-6118.
Attack Parameters
Attack Vector
Physical
Нужен физический доступ
Attack Complexity
Low
Легко эксплуатировать
Privileges Required
None
Права не нужны
User Interaction
None
Не нужно действие пользователя
Impact Assessment
Confidentiality
High
Полная утечка данных
Integrity
None
Нет модификации данных
Availability
None
Нет нарушения работы
CVSS Vector v3.1
Weakness Type (CWE)
Vulnerable Products 40
mediatek:mt6885
mediatek:mt8169
mediatek:mt6878
mediatek:mt8188
mediatek:mt8696
mediatek:mt6895
mediatek:mt6781
zephyrproject:zephyr
mediatek:mt6880
mediatek:mt6989
mediatek:mt6855
mediatek:mt6983
mediatek:mt8390
google:android
mediatek:mt6739
mediatek:mt6890
mediatek:mt6893
mediatek:mt6985
mediatek:mt8676
linuxfoundation:yocto
rdkcentral:rdk-b
mediatek:mt6765
mediatek:mt6789
mediatek:mt6813
mediatek:mt6897
mediatek:mt6993
mediatek:mt6853
mediatek:mt6833
mediatek:mt8370
mediatek:mt8186
mediatek:mt2737
mediatek:mt6886
mediatek:mt6879
mediatek:mt6877
mediatek:mt6768
mediatek:mt8678
mediatek:mt8793
openwrt:openwrt
mediatek:mt6990
mediatek:mt6761
Known Affected Software Configurations 44
| Configuration | From (including) | Up to (excluding) |
|---|---|---|
|
Linuxfoundation Yocto
cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*
|
— | — |
|
Rdkcentral Rdk-B
cpe:2.3:a:rdkcentral:rdk-b:2022q3:*:*:*:*:*:*:*
|
— | — |
|
Rdkcentral Rdk-B
cpe:2.3:a:rdkcentral:rdk-b:2024q1:*:*:*:*:*:*:*
|
— | — |
|
Google Android
cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*
|
— | — |
|
Google Android
cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:*
|
— | — |
|
Google Android
cpe:2.3:o:google:android:16.0:-:*:*:*:*:*:*
|
— | — |
|
Openwrt Openwrt
cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*
|
— | — |
|
Openwrt Openwrt
cpe:2.3:o:openwrt:openwrt:23.05.0:-:*:*:*:*:*:*
|
— | — |
|
Zephyrproject Zephyr
cpe:2.3:o:zephyrproject:zephyr:3.7.0:-:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt2737
cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt6739
cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt6761
cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt6765
cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt6768
cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt6781
cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt6789
cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt6813
cpe:2.3:h:mediatek:mt6813:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt6833
cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt6853
cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt6855
cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt6877
cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt6878
cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt6879
cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt6880
cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt6885
cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt6886
cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt6890
cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt6893
cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt6895
cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt6897
cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt6983
cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt6985
cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt6989
cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt6990
cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt6993
cpe:2.3:h:mediatek:mt6993:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt8169
cpe:2.3:h:mediatek:mt8169:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt8186
cpe:2.3:h:mediatek:mt8186:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt8188
cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt8370
cpe:2.3:h:mediatek:mt8370:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt8390
cpe:2.3:h:mediatek:mt8390:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt8676
cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt8678
cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt8696
cpe:2.3:h:mediatek:mt8696:-:*:*:*:*:*:*:*
|
— | — |
|
Mediatek Mt8793
cpe:2.3:h:mediatek:mt8793:-:*:*:*:*:*:*:*
|
— | — |