CVE-2023-32874
published 2024-01-02CVE-2023-32874: In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional…
PriorityP261critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
1.03%
59.3th percentile
In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161803; Issue ID: MOLY01161803 (MSV-893).
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| android | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- ·Patch ID and Issue ID for CVE-2023-32874 is MOLY01161803 (MSV-893), referencing the MediaTek Modem IMS Stack component. Android Security Bulletin reference is A-309364195 / M-MOLY01161803. ↗
- ·The vulnerability is in the Modem IMS Stack and allows remote code execution with no privileges or user interaction required, making it exploitable over the network without any preconditions. ↗
- ·Classified as HIGH severity in the Android Security Bulletin for January 2024. ↗
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Android
CVE-2023-32874: Modem IMS Stack
vendor_android·2024-01-01·CVSS 9.8
CVE-2023-32874 [CRITICAL] CVE-2023-32874: Modem IMS Stack
Android Security Bulletin 2024-01-01
CVE: CVE-2023-32874
Severity: HIGH
Component: Modem IMS Stack
References: A-309364195
M-MOLY01161803
*
GHSA
GHSA-22j2-mxcq-m52p: In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check
ghsa_unreviewed·2024-01-02
CVE-2023-32874 [CRITICAL] CWE-787 GHSA-22j2-mxcq-m52p: In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check
In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161803; Issue ID: MOLY01161803 (MSV-893).
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-01-02
Published