MediaTek Iot Yocto
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in MediaTek Iot Yocto.
By the Year
In 2025 there have been 0 vulnerabilities in MediaTek Iot Yocto. Last year, in 2024 Iot Yocto had 2 security vulnerabilities published. Right now, Iot Yocto is on track to have less security vulnerabilities in 2025 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 0 | 0.00 |
| 2024 | 2 | 0.00 |
| 2023 | 14 | 6.49 |
It may take a day or so for new Iot Yocto vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent MediaTek Iot Yocto Security Vulnerabilities
Windows WLAN Driver OOB Write RCE without Privileges
CVE-2024-20100
- October 07, 2024
In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998449; Issue ID: MSV-1603.
Memory Corruption
Windows imgsys Local Info Disclosure via Bounds Check
CVE-2024-20055
- April 01, 2024
In imgsys, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation Patch ID: ALPS08518692; Issue ID: MSV-1012.
Apusys Integer Overflow OOB Write Leading to Local Escalation
CVE-2023-32829
6.7 - Medium
- October 02, 2023
In apusys, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07713478; Issue ID: ALPS07713478.
Integer Overflow or Wraparound
vpu OOB write via integer overflow LPE
CVE-2023-32828
6.7 - Medium
- October 02, 2023
In vpu, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767817; Issue ID: ALPS07767817.
Integer Overflow or Wraparound
WLAN Firmware Remote DoS via Improper Input Handling
CVE-2023-32820
7.5 - High
- October 02, 2023
In wlan firmware, there is a possible firmware assertion due to improper input handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07932637; Issue ID: ALPS07932637.
assertion failure
In connectivity system driver, there is a possible out of bounds write due to improper input validation
CVE-2023-32811
6.7 - Medium
- September 04, 2023
In connectivity system driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929848; Issue ID: ALPS07929848.
Memory Corruption
In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking
CVE-2023-20850
6.5 - Medium
- September 04, 2023
In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340381.
Memory Corruption
In imgsys_cmdq, there is a possible use after free due to a missing valid range checking
CVE-2023-20849
6.5 - Medium
- September 04, 2023
In imgsys_cmdq, there is a possible use after free due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340350.
Dangling pointer
In camsys, there is a possible use after free due to a race condition
CVE-2023-20835
6.4 - Medium
- September 04, 2023
In camsys, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07341261; Issue ID: ALPS07326570.
Race Condition
In wlan driver, there is a possible out of bounds write due to improper input validation
CVE-2023-32806
6.7 - Medium
- September 04, 2023
In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441589; Issue ID: ALPS07441589.
Memory Corruption
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking
CVE-2023-20848
6.5 - Medium
- September 04, 2023
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340433.
Out-of-bounds Read
In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking
CVE-2023-20842
6.5 - Medium
- September 04, 2023
In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354259; Issue ID: ALPS07340477.
Memory Corruption
In imgsys, there is a possible out of bounds write due to a missing valid range checking
CVE-2023-20841
6.5 - Medium
- September 04, 2023
In imgsys, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326441.
Memory Corruption
In imgsys, there is a possible out of bounds read and write due to a missing valid range checking
CVE-2023-20840
6.5 - Medium
- September 04, 2023
In imgsys, there is a possible out of bounds read and write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326430; Issue ID: ALPS07326430.
Out-of-bounds Read
In wlan driver, there is a possible out of bounds write due to improper input validation
CVE-2023-20812
4.4 - Medium
- August 07, 2023
In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944987; Issue ID: ALPS07944987.
Memory Corruption
In vcu, there is a possible memory corruption due to type confusion
CVE-2023-20673
6.7 - Medium
- May 15, 2023
In vcu, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519103; Issue ID: ALPS07519103.
Object Type Confusion
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for MediaTek Iot Yocto or by MediaTek? Click the Watch button to subscribe.
