| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.3 | $0-$5k | 0.27 |
A vulnerability classified as problematic was found in MediaTek MT6580, MT6582E, MT6582H, MT6582T, MT6582W, MT6582_90, MT6589, MT6589TD, MT6592E, MT6592H, MT6592T, MT6592W, MT6592_90, MT6595, MT6731, MT6732, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6752, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6785, MT6795, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891 and MT6893. This vulnerability affects some unknown functionality of the component Memory Management Driver. The manipulation with an unknown input leads to a denial of service vulnerability. The CWE definition for the vulnerability is CWE-404. As an impact it is known to affect availability. CVE summarizes:
In memory management driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05381065.
The weakness was disclosed 08/19/2021. The advisory is available at corp.mediatek.com. This vulnerability was named CVE-2021-0420 since 11/06/2020. The exploitation appears to be easy. Local access is required to approach this attack. A single authentication is required for exploitation. The technical details are unknown and an exploit is not available. This vulnerability is assigned to T1499 by the MITRE ATT&CK project.
Applying a patch is able to eliminate this problem.
Vendor
Name
VulDB Meta Base Score: 5.5
VulDB Meta Temp Score: 5.3
VulDB Base Score: 5.5
VulDB Temp Score: 5.3
VulDB Vector: 🔒
VulDB Reliability: 🔍
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 🔍 | 🔍 | 🔍 | 🔍 | 🔍 | 🔍 |
| 🔍 | 🔍 | 🔍 | 🔍 | 🔍 | 🔍 |
| 🔍 | 🔍 | 🔍 | 🔍 | 🔍 | 🔍 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| unlock | unlock | unlock | unlock | unlock | unlock |
| unlock | unlock | unlock | unlock | unlock | unlock |
| unlock | unlock | unlock | unlock | unlock | unlock |
VulDB Base Score: 🔒
VulDB Temp Score: 🔒
VulDB Reliability: 🔍
Class: Denial of service
CWE: CWE-404
ATT&CK: T1499
Local: Yes
Remote: No
Availability: 🔒
Status: Not defined
Price Prediction: 🔍
Current Price Estimation: 🔒
| 0-Day | unlock | unlock | unlock | unlock |
|---|---|---|---|---|
| Today | unlock | unlock | unlock | unlock |
Threat Intelligence
Interest: 🔍
Active Actors: 🔍
Active APT Groups: 🔍Recommended: Patch
Status: 🔍
0-Day Time: 🔒
Patch: corp.mediatek.com
11/06/2020 CVE assigned
08/19/2021 Advisory disclosed
08/19/2021 VulDB entry created
08/21/2021 VulDB last updateAdvisory: corp.mediatek.com
Status: Confirmed
CVE: CVE-2021-0420 (🔒)
Created: 08/19/2021 08:12
Updated: 08/21/2021 15:02
Changes: (2) source_cve_assigned source_cve_nvd_summary
Complete: 🔍
Check our Alexa App!
