CVE-2023-20702

Name of the Vulnerable Software and Affected Versions MediaTek 5G modules (affected versions not specified)

Description The issue is related to insufficient input validation in MediaTek 5G wireless communication modules, which can lead to a denial of service. In the 5G NRLC, there is a possible invalid memory access due to lack of error handling. This could lead to remote denial of service if a UE received an invalid 1-byte RLC SDU, with no additional execution privileges needed. User interaction is not needed for exploitation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.