← ExploitWatch
HomeExploited Vulnerabilities

CVE-2020-0069 — Actively Exploited: Multiple Chipsets (MediaTek)

Multiple MediaTek chipsets contain an insufficient input validation vulnerability and have missing SELinux restrictions in the Command Queue drivers ioctl handlers. This causes an out-of-bounds write leading to privilege escalation. This vulnerability was observed chained with CVE-2019-2215 and CVE-2020-0041 under expl

CVE IDCVE-2020-0069
VendorMediaTek
ProductMultiple Chipsets
Vulnerability nameMediatek Multiple Chipsets Insufficient Input Validation Vulnerability
Date added2021-11-03
Remediation due2022-05-03
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionMultiple MediaTek chipsets contain an insufficient input validation vulnerability and have missing SELinux restrictions in the Command Queue drivers ioctl handlers. This causes an out-of-bounds write leading to privilege escalation. This vulnerability was observed chained with CVE-2019-2215 and CVE-2020-0041 under exploit chain "AbstractEmu."
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →