2021-0420 | MediaTek MT6893 Memory Management Driver denial of service
|CVSS Meta Temp Score||Current Exploit Price (≈)||CTI Interest Score|
A vulnerability classified as problematic was found in MediaTek MT6580, MT6582E, MT6582H, MT6582T, MT6582W, MT6582_90, MT6589, MT6589TD, MT6592E, MT6592H, MT6592T, MT6592W, MT6592_90, MT6595, MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891 and MT6893. This vulnerability affects some unknown functionality of the component Memory Management Driver. The manipulation with an unknown input leads to a denial of service vulnerability. The CWE definition for the vulnerability is CWE-404. As an impact it is known to affect availability. CVE summarizes:
In memory management driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05381065.
The weakness was disclosed 08/19/2021. The advisory is available at corp.mediatek.com. This vulnerability was named CVE-2021-0420 since 11/06/2020. The exploitation appears to be easy. Local access is required to approach this attack. A single authentication is required for exploitation. The technical details are unknown and an exploit is not available. This vulnerability is assigned to T1499 by the MITRE ATT&CK project.
Applying a patch is able to eliminate this problem.
VulDB Meta Base Score: 5.5
VulDB Meta Temp Score: 5.3
Status: Not defined
0-Day Time: 🔒
Check our Alexa App!