Rdkcentral Rdk-B vulnerabilities

42 known vulnerabilities affecting rdkcentral/rdk-b.

Total CVEs

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL1HIGH4MEDIUM36LOW1

Vulnerabilities

Page 2 of 3

CVE-2024-20081MEDIUMCVSS 6.7v2022q32024-07-01

CVE-2024-20081 [MEDIUM] CWE-787 CVE-2024-20081: In gnss service, there is a possible out of bounds write due to improper input validation. This coul In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08719602; Issue ID: MSV-1412.

nvd

CVE-2023-32871MEDIUMCVSS 5.3v2022q32024-05-06

CVE-2023-32871 [MEDIUM] CWE-391 CVE-2023-32871: In DA, there is a possible permission bypass due to an incorrect status check. This could lead to lo In DA, there is a possible permission bypass due to an incorrect status check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08355514; Issue ID: ALPS08355514.

nvd

CVE-2024-20056MEDIUMCVSS 6.7v2022q32024-05-06

CVE-2024-20056 [MEDIUM] CWE-20 CVE-2024-20056: In preloader, there is a possible escalation of privilege due to an insecure default value. This cou In preloader, there is a possible escalation of privilege due to an insecure default value. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08528185; Issue ID: ALPS08528185.

nvd

CVE-2024-20053HIGHCVSS 8.4v2022q32024-04-01

CVE-2024-20053 [HIGH] CWE-787 CVE-2024-20053: In flashc, there is a possible out of bounds write due to an uncaught exception. This could lead to In flashc, there is a possible out of bounds write due to an uncaught exception. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541757; Issue ID: ALPS08541764.

nvd

CVE-2024-20040HIGHCVSS 8.8v2022q32024-04-01

CVE-2024-20040 [HIGH] CWE-787 CVE-2024-20040: In wlan firmware, there is a possible out of bounds write due to improper input validation. This cou In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08360153 (for MT6XXX chipsets) / WCNCR00363530 (for MT79XX chipsets); Issue ID: MSV-979.

nvd

CVE-2024-20054MEDIUMCVSS 6.6v2022q32024-04-01

CVE-2024-20054 [MEDIUM] CWE-787 CVE-2024-20054: In gnss, there is a possible escalation of privilege due to a missing bounds check. This could lead In gnss, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08580200; Issue ID: ALPS08580200.

nvd

CVE-2024-20050MEDIUMCVSS 4.4v2022q32024-04-01

CVE-2024-20050 [MEDIUM] CWE-922 CVE-2024-20050: In flashc, there is a possible information disclosure due to an uncaught exception. This could lead In flashc, there is a possible information disclosure due to an uncaught exception. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541757; Issue ID: ALPS08541757.

nvd

CVE-2024-20052MEDIUMCVSS 4.4v2022q32024-04-01

CVE-2024-20052 [MEDIUM] CVE-2024-20052: In flashc, there is a possible information disclosure due to an uncaught exception. This could lead In flashc, there is a possible information disclosure due to an uncaught exception. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541757; Issue ID: ALPS08541761.

nvd

CVE-2024-20049MEDIUMCVSS 4.4v2022q32024-04-01

CVE-2024-20049 [MEDIUM] CWE-248 CVE-2024-20049: In flashc, there is a possible information disclosure due to an uncaught exception. This could lead In flashc, there is a possible information disclosure due to an uncaught exception. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541765; Issue ID: ALPS08541765.

nvd

CVE-2024-20051LOWCVSS 2.3v2022q32024-04-01

CVE-2024-20051 [LOW] CVE-2024-20051: In flashc, there is a possible system crash due to an uncaught exception. This could lead to local d In flashc, there is a possible system crash due to an uncaught exception. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541757; Issue ID: ALPS08541758.

nvd

CVE-2024-20023MEDIUMCVSS 6.7v2022q32024-03-04

CVE-2024-20023 [MEDIUM] CWE-787 CVE-2024-20023: In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to loc In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541638; Issue ID: ALPS08541638.

nvd

CVE-2024-20006MEDIUMCVSS 6.7v2022q32024-02-05

CVE-2024-20006 [MEDIUM] CWE-787 CVE-2024-20006: In da, there is a possible out of bounds write due to a missing bounds check. This could lead to loc In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08477148; Issue ID: ALPS08477148.

nvd

CVE-2023-32855MEDIUMCVSS 6.7v2022q32023-12-04

CVE-2023-32855 [MEDIUM] CWE-862 CVE-2023-32855: In aee, there is a possible escalation of privilege due to a missing permission check. This could le In aee, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07909204; Issue ID: ALPS07909204.

nvd

CVE-2023-20821MEDIUMCVSS 6.7v2022q32023-09-04

CVE-2023-20821 [MEDIUM] CWE-787 CVE-2023-20821: In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07937113; Issue ID: ALPS07937113.

nvd

CVE-2023-20832MEDIUMCVSS 6.7v2022q32023-09-04

CVE-2023-20832 [MEDIUM] CWE-787 CVE-2023-20832: In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to lo In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08013530.

nvd

CVE-2023-20828MEDIUMCVSS 6.7v2022q32023-09-04

CVE-2023-20828 [MEDIUM] CWE-787 CVE-2023-20828: In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to lo In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014144.

nvd

CVE-2023-20829MEDIUMCVSS 6.7v2022q32023-09-04

CVE-2023-20829 [MEDIUM] CWE-787 CVE-2023-20829: In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to lo In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014148.

nvd

CVE-2023-20831MEDIUMCVSS 6.7v2022q32023-09-04

CVE-2023-20831 [MEDIUM] CWE-787 CVE-2023-20831: In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to lo In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014162.

nvd

CVE-2023-20830MEDIUMCVSS 6.7v2022q32023-09-04

CVE-2023-20830 [MEDIUM] CWE-787 CVE-2023-20830: In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to lo In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014156.

nvd

CVE-2023-20790MEDIUMCVSS 4.4v2022q32023-08-07

CVE-2023-20790 [MEDIUM] CWE-787 CVE-2023-20790: In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07740194; Issue ID: ALPS07740194.

nvd

← Previous2 / 3Next →