Sign-up

ID

VAR-202312-0073


CVE

CVE-2023-32844


DESCRIPTION

In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01130183 (MSV-850)

Trust: 0.99

sources: NVD: CVE-2023-32844 // VULMON: CVE-2023-32844

AFFECTED PRODUCTS

vendor:mediatekmodel:nr15scope:eqversion: -

Trust: 1.0

vendor:mediatekmodel:nr17scope:eqversion: -

Trust: 1.0

vendor:mediatekmodel:nr16scope:eqversion: -

Trust: 1.0

sources: NVD: CVE-2023-32844

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2023-32844
value: HIGH

Trust: 1.0

nvd@nist.gov: CVE-2023-32844
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

sources: NVD: CVE-2023-32844

PROBLEMTYPE DATA

problemtype:CWE-617

Trust: 1.0

sources: NVD: CVE-2023-32844

EXTERNAL IDS

db:NVDid:CVE-2023-32844

Trust: 1.1

db:VULMONid:CVE-2023-32844

Trust: 0.1

sources: VULMON: CVE-2023-32844 // NVD: CVE-2023-32844

REFERENCES

url:https://corp.mediatek.com/product-security-bulletin/december-2023

Trust: 1.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULMON: CVE-2023-32844 // NVD: CVE-2023-32844

SOURCES

db:VULMONid:CVE-2023-32844
db:NVDid:CVE-2023-32844

LAST UPDATE DATE

2024-08-14T13:41:23.114000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2023-32844date:2023-12-04T00:00:00
db:NVDid:CVE-2023-32844date:2023-12-07T17:33:50.607

SOURCES RELEASE DATE

db:VULMONid:CVE-2023-32844date:2023-12-04T00:00:00
db:NVDid:CVE-2023-32844date:2023-12-04T04:15:07.510