CVE-2021-0620

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2021-0620
In asf extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05561381.

5.5 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

2.1 /10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References
Link Resource
https://corp.mediatek.com/product-security-bulletin/November-2021 Vendor Advisory
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*
OR cpe:2.3:h:mediatek:mt5522:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt5527:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt5597:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt5598:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt5599:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6580:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6735:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6737:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6750s:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6753:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6755s:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6757c:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6757cd:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6757ch:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6853t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8175:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8185:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8765:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8766:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8768:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8786:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8789:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9256:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9285:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9286:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9288:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9629:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9631:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9632:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9636:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9638:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9639:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9650:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9652:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9669:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9670:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9675:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9685:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9686:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9688:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9931:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9950:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9970:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9980:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt9981:-:*:*:*:*:*:*:*
Information

Published : 2021-11-18 07:15

Updated : 2021-11-19 08:58

NVD link : CVE-2021-0620

Mitre link : CVE-2021-0620

JSON object : View

CWE
CWE-125

Out-of-bounds Read

Advertisement

dedicated server usa
Products Affected

mediatek

  • mt6779
  • mt9650
  • mt8786
  • mt6757ch
  • mt6580
  • mt9669
  • mt8766
  • mt6889
  • mt8385
  • mt8791
  • mt9675
  • mt9970
  • mt6757
  • mt8183
  • mt6877
  • mt9256
  • mt6739
  • mt8765
  • mt6771
  • mt6753
  • mt8195
  • mt8365
  • mt5527
  • mt8797
  • mt6762
  • mt6765
  • mt9950
  • mt9638
  • mt6785
  • mt5599
  • mt8789
  • mt8163
  • mt6853
  • mt6768
  • mt8167s
  • mt8173
  • mt9688
  • mt9631
  • mt5522
  • mt9288
  • mt9670
  • mt9629
  • mt9686
  • mt9981
  • mt9285
  • mt6757cd
  • mt5598
  • mt9652
  • mt9980
  • mt6833
  • mt6735
  • mt6885
  • mt6737
  • mt8321
  • mt6763
  • mt8788
  • mt6755s
  • mt9636
  • mt5597
  • mt9639
  • mt6893
  • mt9931
  • mt8362a
  • mt6757c
  • mt6873
  • mt8168
  • mt6750s
  • mt6761
  • mt9685
  • mt8175
  • mt9632
  • mt8768
  • mt9286
  • mt6853t
  • mt8167
  • mt8185

google

  • android