Lucene search

[email protected]CVE-2024-20032

HistoryMar 04, 2024 - 3:15 a.m.

CVE-2024-20032

2024-03-0403:15:07

[email protected]

web.nvd.nist.gov

cve-2024-20032

aee

permission bypass

local escalation

privilege

nvd

security vulnerability

patch id

issue id

alps08487630

msv-1020

6.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

In aee, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08487630; Issue ID: MSV-1020.

Affected configurations

Vulners

Node

googleandroidRange<12.0

googleandroidRange<13.0

googleandroidRange<14.0

mediatekmt6580

mediatekmt6739

mediatekmt6761

mediatekmt6765

mediatekmt6768

mediatekmt6779

mediatekmt6781

mediatekmt6785

mediatekmt6789

mediatekmt6833

mediatekmt6835

mediatekmt6853

mediatekmt6855

mediatekmt6873

mediatekmt6877

mediatekmt6879

mediatekmt6883

mediatekmt6885

mediatekmt6886

mediatekmt6889

mediatekmt6893

mediatekmt6895

mediatekmt6983

mediatekmt6985

mediatekmt6989

mediatekmt8321

mediatekmt8673

mediatekmt8765

mediatekmt8766

mediatekmt8768

mediatekmt8781

mediatekmt8789

mediatekmt8791

mediatekmt8792

mediatekmt8796

VendorProductVersionCPE
googleandroid*cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
googleandroid*cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
googleandroid*cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
mediatekmt6580*cpe:2.3:h:mediatek:mt6580:*:*:*:*:*:*:*:*
mediatekmt6739*cpe:2.3:h:mediatek:mt6739:*:*:*:*:*:*:*:*
mediatekmt6761*cpe:2.3:h:mediatek:mt6761:*:*:*:*:*:*:*:*
mediatekmt6765*cpe:2.3:h:mediatek:mt6765:*:*:*:*:*:*:*:*
mediatekmt6768*cpe:2.3:h:mediatek:mt6768:*:*:*:*:*:*:*:*
mediatekmt6779*cpe:2.3:h:mediatek:mt6779:*:*:*:*:*:*:*:*
mediatekmt6781*cpe:2.3:h:mediatek:mt6781:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
google	android	*	cpe:2.3:o:google:android::::::::
google	android	*	cpe:2.3:o:google:android::::::::
google	android	*	cpe:2.3:o:google:android::::::::
mediatek	mt6580	*	cpe:2.3:h:mediatek:mt6580::::::::
mediatek	mt6739	*	cpe:2.3:h:mediatek:mt6739::::::::
mediatek	mt6761	*	cpe:2.3:h:mediatek:mt6761::::::::
mediatek	mt6765	*	cpe:2.3:h:mediatek:mt6765::::::::
mediatek	mt6768	*	cpe:2.3:h:mediatek:mt6768::::::::
mediatek	mt6779	*	cpe:2.3:h:mediatek:mt6779::::::::
mediatek	mt6781	*	cpe:2.3:h:mediatek:mt6781::::::::

Rows per page:

1-10 of 381

CNA Affected

[
  {
    "vendor": "MediaTek, Inc.",
    "product": "MT6580, MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6983, MT6985, MT6989, MT8321, MT8673, MT8765, MT8766, MT8768, MT8781, MT8789, MT8791, MT8792, MT8796",
    "versions": [
      {
        "version": "Android 12.0, 13.0, 14.0",
        "status": "affected"
      }
    ]
  }
]

References

corp.mediatek.com/product-security-bulletin/March-2024