Rdkcentral Rdk B

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Rdkcentral Rdk B.

By the Year

In 2026 there have been 0 vulnerabilities in Rdkcentral Rdk B. Last year, in 2025 Rdk B had 8 security vulnerabilities published. Right now, Rdk B is on track to have less security vulnerabilities in 2026 than it did last year.

Year	Vulnerabilities	Average Score
2026	0	0.00
2025	8	6.60
2024	18	5.75
2023	7	6.70

It may take a day or so for new Rdk B vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Rdkcentral Rdk B Security Vulnerabilities

Android Device Admin API OOB Write LPE via Physical Access
CVE-2025-20696 - August 04, 2025

In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09915215; Issue ID: MSV-3801.

Memory Corruption

CVE-2025-20656: OOB Write in DA Enables Physical Local Priv Esc Escalation
CVE-2025-20656 - April 07, 2025

In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09625423; Issue ID: MSV-3033.

Memory Corruption

Local Priv Esc via OOB Write in ALPS Driver (CVE-2025-20650)
CVE-2025-20650 - March 03, 2025

In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291294; Issue ID: MSV-2061.

Memory Corruption

Local Info Disclosure via OOB Read in 'da' Component
CVE-2025-20651 - March 03, 2025

In da, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291294; Issue ID: MSV-2062.

V6 DA OOB Write: Local Priv Escalation via Physical Access
CVE-2025-20635 6.6 - Medium - February 03, 2025

In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09403752; Issue ID: MSV-2434.

Memory Corruption

ALPS V6 DA OOB Write for Local Priv Escalation
CVE-2024-20144 - January 06, 2025

Memory Corruption

V6 DA Driver OOB Write Enables Local Priv Escalation
CVE-2024-20143 - January 06, 2025

Memory Corruption

V6 DA OOB Write Enables Local Priv Escalation
CVE-2024-20145 - January 06, 2025

Memory Corruption

MediaTek da Out-of-Bounds Read Vulnerability
CVE-2024-20136 - December 02, 2024

In da, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09121847; Issue ID: MSV-1821.

Out-of-bounds Read

MediaTek Da Out-of-Bounds Write Vulnerability
CVE-2024-20104 - November 04, 2024

In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09073261; Issue ID: MSV-1772.

Memory Corruption

Da Out of Bounds Read Vulnerability in Memory Management
CVE-2024-20107 - November 04, 2024

Out-of-bounds Read

Windows Power OOB Read Local Info Disclosure (Requires SYSTEM)
CVE-2024-20085 4.4 - Medium - September 02, 2024

In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08944204; Issue ID: MSV-1560.

Out-of-bounds Read

Microsoft Windows WLAN Remote DoS via Error Handling
CVE-2024-20089 7.5 - High - September 02, 2024

In wlan, there is a possible denial of service due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08861558; Issue ID: MSV-1526.

Improper Check for Unusual or Exceptional Conditions

MS Windows PowerShell OOB Read for Local Info Disclosure
CVE-2024-20084 4.4 - Medium - September 02, 2024

Out-of-bounds Read

Android GNSS Service Escalation via Improper Cert Validation
CVE-2024-20080 - July 01, 2024

In gnss service, there is a possible escalation of privilege due to improper certificate validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08720039; Issue ID: MSV-1424.

Improper Certificate Validation

Android GNSS Service OOB Write Local Priv Escalation
CVE-2024-20081 6.7 - Medium - July 01, 2024

In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08719602; Issue ID: MSV-1412.

Memory Corruption

MS Windows Device Administration Permission Bypass Local Priv Escalation
CVE-2023-32871 - May 06, 2024

In DA, there is a possible permission bypass due to an incorrect status check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08355514; Issue ID: ALPS08355514.

Improper Check for Unusual or Exceptional Conditions

Android preloader Priv Esc via insecure default
CVE-2024-20056 - May 06, 2024

In preloader, there is a possible escalation of privilege due to an insecure default value. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08528185; Issue ID: ALPS08528185.

flashc OOB Write in Uncaught Exception Leads to Local Priv Escalation
CVE-2024-20053 - April 01, 2024

In flashc, there is a possible out of bounds write due to an uncaught exception. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541757; Issue ID: ALPS08541764.

Remote OOB Write in MediaTek MT6XXX/MT79XX WLAN Firmware
CVE-2024-20040 - April 01, 2024

In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08360153 (for MT6XXX chipsets) / WCNCR00363530 (for MT79XX chipsets); Issue ID: MSV-979.

FlashC Uncaught Exception Enables Local Info Disclosure (CVE-2024-20049)
CVE-2024-20049 - April 01, 2024

In flashc, there is a possible information disclosure due to an uncaught exception. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541765; Issue ID: ALPS08541765.

CVE-2024-20050: flashc Local Info Disclosure via Uncaught Exception
CVE-2024-20050 - April 01, 2024

Local DoS via uncaught exception in flashc
CVE-2024-20051 - April 01, 2024

In flashc, there is a possible system crash due to an uncaught exception. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541757; Issue ID: ALPS08541758.

ALPS FlashC Local Info Disclosure via Uncaught Exception
CVE-2024-20052 - April 01, 2024

CVE-2024-20054: GNSSe EtP via Missing Bounds Check
CVE-2024-20054 - April 01, 2024

In gnss, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08580200; Issue ID: ALPS08580200.

flashc OOB Write Escalation (local, SYSTEM)
CVE-2024-20023 - March 04, 2024

In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541638; Issue ID: ALPS08541638.

Local PrivEsc via OOB Write in ALPS nvram
CVE-2023-20821 6.7 - Medium - September 04, 2023

In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07937113; Issue ID: ALPS07937113.

Memory Corruption

Android GPS OOB Write: Local Priv Escalation
CVE-2023-20832 6.7 - Medium - September 04, 2023

In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08013530.

Memory Corruption

gps OOB Write Enables Local Priv Esc (System)
CVE-2023-20831 6.7 - Medium - September 04, 2023

Memory Corruption

GPS OOB Write Local Escalation (CVE-2023-20830)
CVE-2023-20830 6.7 - Medium - September 04, 2023

Memory Corruption

Local Priv Esc via OOB Write in GPS Firmware
CVE-2023-20829 6.7 - Medium - September 04, 2023

Memory Corruption

Out-of-Bounds Write in GPS Device Enables Local Priv Escalation (CVE-2023-20828)
CVE-2023-20828 6.7 - Medium - September 04, 2023

Memory Corruption

MTK Preloader OOB Write Escalation (CVE202320725)
CVE-2023-20725 6.7 - Medium - June 06, 2023

In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734004 / ALPS07874358 (For MT6880, MT6890, MT6980, MT6990 only); Issue ID: ALPS07734004 / ALPS07874358 (For MT6880, MT6890, MT6980, MT6990 only).

Memory Corruption

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Rdkcentral Rdk B or by Rdkcentral? Click the Watch button to subscribe.

Rdkcentral
Vendor

Rdkcentral Rdk B
Product

Rdkcentral Rdk B

Don't miss out!

By the Year

Recent Rdkcentral Rdk B Security Vulnerabilities

Android Device Admin API OOB Write LPE via Physical Access CVE-2025-20696 - August 04, 2025

CVE-2025-20656: OOB Write in DA Enables Physical Local Priv Esc Escalation CVE-2025-20656 - April 07, 2025

Local Priv Esc via OOB Write in ALPS Driver (CVE-2025-20650) CVE-2025-20650 - March 03, 2025

Local Info Disclosure via OOB Read in 'da' Component CVE-2025-20651 - March 03, 2025

V6 DA OOB Write: Local Priv Escalation via Physical Access CVE-2025-20635 6.6 - Medium - February 03, 2025

ALPS V6 DA OOB Write for Local Priv Escalation CVE-2024-20144 - January 06, 2025

V6 DA Driver OOB Write Enables Local Priv Escalation CVE-2024-20143 - January 06, 2025

V6 DA OOB Write Enables Local Priv Escalation CVE-2024-20145 - January 06, 2025

MediaTek da Out-of-Bounds Read Vulnerability CVE-2024-20136 - December 02, 2024

MediaTek Da Out-of-Bounds Write Vulnerability CVE-2024-20104 - November 04, 2024

Da Out of Bounds Read Vulnerability in Memory Management CVE-2024-20107 - November 04, 2024

Windows Power OOB Read Local Info Disclosure (Requires SYSTEM) CVE-2024-20085 4.4 - Medium - September 02, 2024

Microsoft Windows WLAN Remote DoS via Error Handling CVE-2024-20089 7.5 - High - September 02, 2024

MS Windows PowerShell OOB Read for Local Info Disclosure CVE-2024-20084 4.4 - Medium - September 02, 2024

Android GNSS Service Escalation via Improper Cert Validation CVE-2024-20080 - July 01, 2024

Android GNSS Service OOB Write Local Priv Escalation CVE-2024-20081 6.7 - Medium - July 01, 2024

MS Windows Device Administration Permission Bypass Local Priv Escalation CVE-2023-32871 - May 06, 2024

Android preloader Priv Esc via insecure default CVE-2024-20056 - May 06, 2024

flashc OOB Write in Uncaught Exception Leads to Local Priv Escalation CVE-2024-20053 - April 01, 2024

Remote OOB Write in MediaTek MT6XXX/MT79XX WLAN Firmware CVE-2024-20040 - April 01, 2024

FlashC Uncaught Exception Enables Local Info Disclosure (CVE-2024-20049) CVE-2024-20049 - April 01, 2024

CVE-2024-20050: flashc Local Info Disclosure via Uncaught Exception CVE-2024-20050 - April 01, 2024

Local DoS via uncaught exception in flashc CVE-2024-20051 - April 01, 2024

ALPS FlashC Local Info Disclosure via Uncaught Exception CVE-2024-20052 - April 01, 2024

CVE-2024-20054: GNSSe EtP via Missing Bounds Check CVE-2024-20054 - April 01, 2024

flashc OOB Write Escalation (local, SYSTEM) CVE-2024-20023 - March 04, 2024

Local PrivEsc via OOB Write in ALPS nvram CVE-2023-20821 6.7 - Medium - September 04, 2023

Android GPS OOB Write: Local Priv Escalation CVE-2023-20832 6.7 - Medium - September 04, 2023

gps OOB Write Enables Local Priv Esc (System) CVE-2023-20831 6.7 - Medium - September 04, 2023

GPS OOB Write Local Escalation (CVE-2023-20830) CVE-2023-20830 6.7 - Medium - September 04, 2023

Local Priv Esc via OOB Write in GPS Firmware CVE-2023-20829 6.7 - Medium - September 04, 2023

Out-of-Bounds Write in GPS Device Enables Local Priv Escalation (CVE-2023-20828) CVE-2023-20828 6.7 - Medium - September 04, 2023

MTK Preloader OOB Write Escalation (CVE202320725) CVE-2023-20725 6.7 - Medium - June 06, 2023

Stay on top of Security Vulnerabilities

Rdkcentral Vendor

Rdkcentral Rdk BProduct

Android Device Admin API OOB Write LPE via Physical Access
CVE-2025-20696 - August 04, 2025

CVE-2025-20656: OOB Write in DA Enables Physical Local Priv Esc Escalation
CVE-2025-20656 - April 07, 2025

Local Priv Esc via OOB Write in ALPS Driver (CVE-2025-20650)
CVE-2025-20650 - March 03, 2025

Local Info Disclosure via OOB Read in 'da' Component
CVE-2025-20651 - March 03, 2025

V6 DA OOB Write: Local Priv Escalation via Physical Access
CVE-2025-20635 6.6 - Medium - February 03, 2025

ALPS V6 DA OOB Write for Local Priv Escalation
CVE-2024-20144 - January 06, 2025

V6 DA Driver OOB Write Enables Local Priv Escalation
CVE-2024-20143 - January 06, 2025

V6 DA OOB Write Enables Local Priv Escalation
CVE-2024-20145 - January 06, 2025

MediaTek da Out-of-Bounds Read Vulnerability
CVE-2024-20136 - December 02, 2024

MediaTek Da Out-of-Bounds Write Vulnerability
CVE-2024-20104 - November 04, 2024

Da Out of Bounds Read Vulnerability in Memory Management
CVE-2024-20107 - November 04, 2024

Windows Power OOB Read Local Info Disclosure (Requires SYSTEM)
CVE-2024-20085 4.4 - Medium - September 02, 2024

Microsoft Windows WLAN Remote DoS via Error Handling
CVE-2024-20089 7.5 - High - September 02, 2024

MS Windows PowerShell OOB Read for Local Info Disclosure
CVE-2024-20084 4.4 - Medium - September 02, 2024

Android GNSS Service Escalation via Improper Cert Validation
CVE-2024-20080 - July 01, 2024

Android GNSS Service OOB Write Local Priv Escalation
CVE-2024-20081 6.7 - Medium - July 01, 2024

MS Windows Device Administration Permission Bypass Local Priv Escalation
CVE-2023-32871 - May 06, 2024

Android preloader Priv Esc via insecure default
CVE-2024-20056 - May 06, 2024

flashc OOB Write in Uncaught Exception Leads to Local Priv Escalation
CVE-2024-20053 - April 01, 2024

Remote OOB Write in MediaTek MT6XXX/MT79XX WLAN Firmware
CVE-2024-20040 - April 01, 2024

FlashC Uncaught Exception Enables Local Info Disclosure (CVE-2024-20049)
CVE-2024-20049 - April 01, 2024

CVE-2024-20050: flashc Local Info Disclosure via Uncaught Exception
CVE-2024-20050 - April 01, 2024

Local DoS via uncaught exception in flashc
CVE-2024-20051 - April 01, 2024

ALPS FlashC Local Info Disclosure via Uncaught Exception
CVE-2024-20052 - April 01, 2024

CVE-2024-20054: GNSSe EtP via Missing Bounds Check
CVE-2024-20054 - April 01, 2024

flashc OOB Write Escalation (local, SYSTEM)
CVE-2024-20023 - March 04, 2024

Local PrivEsc via OOB Write in ALPS nvram
CVE-2023-20821 6.7 - Medium - September 04, 2023

Android GPS OOB Write: Local Priv Escalation
CVE-2023-20832 6.7 - Medium - September 04, 2023

gps OOB Write Enables Local Priv Esc (System)
CVE-2023-20831 6.7 - Medium - September 04, 2023

GPS OOB Write Local Escalation (CVE-2023-20830)
CVE-2023-20830 6.7 - Medium - September 04, 2023

Local Priv Esc via OOB Write in GPS Firmware
CVE-2023-20829 6.7 - Medium - September 04, 2023

Out-of-Bounds Write in GPS Device Enables Local Priv Escalation (CVE-2023-20828)
CVE-2023-20828 6.7 - Medium - September 04, 2023

MTK Preloader OOB Write Escalation (CVE202320725)
CVE-2023-20725 6.7 - Medium - June 06, 2023

Rdkcentral
Vendor

Rdkcentral Rdk B
Product