CVE-2023-21054

HIGH Year: 2023
CVSS v3 Score
7.2
High
Weakness Type
CWE-787
View all →

Vulnerability Description

In EUTRAN_LCS_ConvertLCS_MOLRReq of LPP_CommonUtil.c, there is a possible out of bounds write due to a logic error in the code. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-244556535References: N/A

Related Vulnerabilities

CVE-2018-16119

HIGH
CVSS:7.2(High)

Stack-based buffer overflow in the httpd server of TP-Link WR1043nd (Firmware Version 3) allows remote attackers to execute arbitrary code via a malicious MediaServer request to /userRpm/MediaServerFo...

CWE-7872018

CVE-2018-17022

HIGH
CVSS:7.2(High)

Stack-based buffer overflow on the ASUS GT-AC5300 router through 3.0.0.4.384_32738 allows remote attackers to cause a denial of service (device crash) or possibly have unspecified other impact by sett...

CWE-7872018

CVE-2018-3950

HIGH
CVSS:7.2(High)

An exploitable remote code execution vulnerability exists in the ping and tracert functionality of the TP-Link TL-R600VPN HWv3 FRNv1.3.0 and HWv2 FRNv1.2.3 http server. A specially crafted IP address ...

CWE-7872018

CVE-2019-11848

HIGH
CVSS:7.2(High)

An API abuse vulnerability exists in the AT command API of ALEOS before 4.13.0, 4.9.5, 4.4.9 due to lack of length checking when handling certain user-provided values.

CWE-7872019

CVE-2019-15661

HIGH
CVSS:7.2(High)

An issue was discovered in Rivet Killer Control Center before 2.1.1352. IOCTL 0x120004 in KfeCo10X64.sys fails to validate parameters, leading to a stack-based buffer overflow, which can lead to code ...

CWE-7872019

CVE-2019-15665

HIGH
CVSS:7.2(High)

An issue was discovered in Rivet Killer Control Center before 2.1.1352. IOCTL 0x120004 in KfeCo10X64.sys fails to validate an offset passed as a parameter during a memory operation, leading to an arbi...

CWE-7872019