CVE-2024-20033

2024-03-0403:15:07

[email protected]

web.nvd.nist.gov

cve-2024-20033

information disclosure

nvram

bounds check

patch

alps08499945

nvd

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

8.7%

JSON

In nvram, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08499945; Issue ID: ALPS08499945.

VendorProductVersionCPE
googleandroid*cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
googleandroid*cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
googleandroid*cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
mediatekmt2713*cpe:2.3:h:mediatek:mt2713:*:*:*:*:*:*:*:*
mediatekmt6739*cpe:2.3:h:mediatek:mt6739:*:*:*:*:*:*:*:*
mediatekmt6761*cpe:2.3:h:mediatek:mt6761:*:*:*:*:*:*:*:*
mediatekmt6765*cpe:2.3:h:mediatek:mt6765:*:*:*:*:*:*:*:*
mediatekmt6768*cpe:2.3:h:mediatek:mt6768:*:*:*:*:*:*:*:*
mediatekmt6771*cpe:2.3:h:mediatek:mt6771:*:*:*:*:*:*:*:*
mediatekmt6779*cpe:2.3:h:mediatek:mt6779:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
google	android	*	cpe:2.3:o:google:android::::::::
google	android	*	cpe:2.3:o:google:android::::::::
google	android	*	cpe:2.3:o:google:android::::::::
mediatek	mt2713	*	cpe:2.3:h:mediatek:mt2713::::::::
mediatek	mt6739	*	cpe:2.3:h:mediatek:mt6739::::::::
mediatek	mt6761	*	cpe:2.3:h:mediatek:mt6761::::::::
mediatek	mt6765	*	cpe:2.3:h:mediatek:mt6765::::::::
mediatek	mt6768	*	cpe:2.3:h:mediatek:mt6768::::::::
mediatek	mt6771	*	cpe:2.3:h:mediatek:mt6771::::::::
mediatek	mt6779	*	cpe:2.3:h:mediatek:mt6779::::::::

Rows per page:

1-10 of 571

References

corp.mediatek.com/product-security-bulletin/March-2024