CVE-2021-31575

CVSS V2 None CVSS V3 None
Description
In Config Manager, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210009; Issue ID: OSBNB00123234.
Overview
  • CVE ID
  • CVE-2021-31575
  • Assigner
  • security@mediatek.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-02-06T22:15:09
  • Last Modified Date
  • 2023-02-15T15:20:41
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:o:mediatek:en7580_firmware:*:*:*:*:*:*:*:* 1 OR tlm7.3.275.0-82
cpe:2.3:h:mediatek:en7580:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:mediatek:en7528_firmware:*:*:*:*:*:*:*:* 1 OR tlm7.3.275.0-82
cpe:2.3:h:mediatek:en7528:-:*:*:*:*:*:*:* 0 OR
References
Reference URL Reference Tags
https://corp.mediatek.com/product-security-acknowledgements Vendor Advisory
History
Created Old Value New Value Data Type Notes
2023-04-17 07:18:47 Added to TrackCVE
2023-04-17 07:18:50 Weakness Enumeration new