MediaTek Chipsets: Newly Discovered Security Weaknesses Affect Multiple Devices


The July 2023 Security Bulletin from the Taiwan-based semiconductor company MediaTek has unveiled numerous security vulnerabilities, affecting a wide range of devices. These include smartphones, tablets, and other smart devices, as well as over-the-top (OTT) media services and Wi-Fi technology that utilize MediaTek chipsets.

The detailed security advisory reveals a total of 24 identified vulnerabilities. Of these, two notable vulnerabilities, tagged as CVE-2023-20754 and CVE-2023-20755, have been labeled as ‘High’ severity issues.

Key High Severity Vulnerabilities Detailed

CVE-2023-20754 – Keyinstall’s Integer Overflow Issue

The first high severity flaw, CVE-2023-20754, involves an integer overflow or wraparound in ‘keyinstall.’ The overflow might cause an out-of-bounds write within keyinstall, leading to system execution privileges and local privilege escalation. Importantly, this vulnerability can be exploited without any user interaction.

The flaw affects multiple MediaTek chipset models (including MT6580, MT6731, MT6735, and more) and spans several software versions: Android 11.0, 12.0, and 13.0.

CVE-2023-20755 – Keyinstall’s Input Validation Issue

The second high severity flaw, CVE-2023-20755, is due to improper input validation in ‘keyinstall,’ where an integer overflow could trigger an out-of-bounds write. Like the previous issue, it could potentially result in local privilege escalation, requiring system execution rights, and doesn’t necessitate user involvement for exploitation.

This vulnerability also affects a variety of MediaTek chipsets and the same Android versions as the previous flaw.
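
The bug class behind both CVE-2023-20754 and CVE-2023-20755 (an integer overflow in a size calculation that leads to an out-of-bounds write, and the input validation that prevents it) is sketched in the added example below. It is not MediaTek's code: keyinstall's source is not part of the bulletin, so the header layout and all function names here are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical message header (assumption; not keyinstall's real format). */
struct key_hdr {
    uint32_t count;     /* number of key records that follow */
    uint32_t rec_size;  /* bytes per record */
};

/* Flawed pattern: the 32-bit product wraps silently, so a huge count can
 * yield a small "total" that passes a later `total <= capacity` check
 * while a per-record copy loop still writes count * rec_size bytes. */
uint32_t total_unchecked(const struct key_hdr *h)
{
    return h->count * h->rec_size;
}

/* Hardened pattern: reject before multiplying if the product would wrap,
 * then bound the result by the destination capacity. */
int total_checked(const struct key_hdr *h, size_t cap, size_t *out)
{
    if (h->count == 0 || h->rec_size == 0)
        return -1;
    if (h->count > UINT32_MAX / h->rec_size)
        return -1;                      /* multiplication would overflow */
    uint32_t total = h->count * h->rec_size;
    if (total > cap)
        return -1;                      /* would not fit in destination */
    *out = total;
    return 0;
}

/* Validates every untrusted length, then copies exactly once.
 * Returns bytes copied, or -1 if the message is rejected. */
int install_keys(const uint8_t *msg, size_t msg_len, uint8_t *dst, size_t dst_cap)
{
    struct key_hdr h;
    size_t total;
    if (msg_len < sizeof h)
        return -1;                      /* truncated header */
    memcpy(&h, msg, sizeof h);
    if (total_checked(&h, dst_cap, &total) != 0)
        return -1;
    if (total > msg_len - sizeof h)
        return -1;                      /* payload shorter than claimed */
    memcpy(dst, msg + sizeof h, total);
    return (int)total;
}
```

With a constructed header of `count = 0x10000001` and `rec_size = 16`, the unchecked product wraps to 16 and would pass a 64-byte capacity check, while `total_checked` rejects the same header.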

Overview of Medium Severity Flaws

Additionally, the security advisory includes a list of medium severity flaws, ranging from out-of-bounds writes (CVE-2023-20753) and integer overflows (CVE-2023-20756), to several cases of improper input validation and other issues.

These vulnerabilities also cover a variety of MediaTek chipsets, signaling the necessity for broad security updates across multiple devices and software versions.

MediaTek’s Response to Identified Vulnerabilities

In response to these identified vulnerabilities, MediaTek has informed device Original Equipment Manufacturers (OEMs) of the issues and the necessary security updates. The company ensured this communication was carried out at least two months prior to public disclosure, allowing OEMs ample time to implement these critical security patches.
