CVE-2024-20023

2024-03-0403:15:07

[email protected]

web.nvd.nist.gov

cve-2024-20023

flashc

out of bounds write

privilege escalation

local exploit

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

8.7%

JSON

In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541638; Issue ID: ALPS08541638.

VendorProductVersionCPE
googleandroid*cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
googleandroid*cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
googleandroid*cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
mediatekmt2713*cpe:2.3:h:mediatek:mt2713:*:*:*:*:*:*:*:*
mediatekmt2737*cpe:2.3:h:mediatek:mt2737:*:*:*:*:*:*:*:*
mediatekmt6781*cpe:2.3:h:mediatek:mt6781:*:*:*:*:*:*:*:*
mediatekmt6789*cpe:2.3:h:mediatek:mt6789:*:*:*:*:*:*:*:*
mediatekmt6835*cpe:2.3:h:mediatek:mt6835:*:*:*:*:*:*:*:*
mediatekmt6855*cpe:2.3:h:mediatek:mt6855:*:*:*:*:*:*:*:*
mediatekmt6879*cpe:2.3:h:mediatek:mt6879:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
google	android	*	cpe:2.3:o:google:android::::::::
google	android	*	cpe:2.3:o:google:android::::::::
google	android	*	cpe:2.3:o:google:android::::::::
mediatek	mt2713	*	cpe:2.3:h:mediatek:mt2713::::::::
mediatek	mt2737	*	cpe:2.3:h:mediatek:mt2737::::::::
mediatek	mt6781	*	cpe:2.3:h:mediatek:mt6781::::::::
mediatek	mt6789	*	cpe:2.3:h:mediatek:mt6789::::::::
mediatek	mt6835	*	cpe:2.3:h:mediatek:mt6835::::::::
mediatek	mt6855	*	cpe:2.3:h:mediatek:mt6855::::::::
mediatek	mt6879	*	cpe:2.3:h:mediatek:mt6879::::::::

Rows per page:

1-10 of 261

References

corp.mediatek.com/product-security-bulletin/March-2024