cbcvebase.
CVE-2023-32874
published 2024-01-02

CVE-2023-32874: In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional…

PriorityP261critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
1.03%
59.3th percentile
In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161803; Issue ID: MOLY01161803 (MSV-893).

Affected

1 ranges
VendorProductVersion rangeFixed in
googleandroid

Detection & IOCsextracted from sources · hover to see the quote

  • ·Patch ID and Issue ID for CVE-2023-32874 is MOLY01161803 (MSV-893), referencing the MediaTek Modem IMS Stack component. Android Security Bulletin reference is A-309364195 / M-MOLY01161803.
  • ·The vulnerability is in the Modem IMS Stack and allows remote code execution with no privileges or user interaction required, making it exploitable over the network without any preconditions.
  • ·Classified as HIGH severity in the Android Security Bulletin for January 2024.
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.