CVE-2024-20078

2024-07-0103:18:04

CWE-843

MediaTek

github.com

venc

out of bounds write

type confusion

local privilege escalation

system execution privileges

patch id

issue id

exploitation

user interaction

7.1 High

AI Score

Confidence

High

JSON

In venc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08737250; Issue ID: MSV-1452.

CNA Affected

[
  {
    "vendor": "MediaTek, Inc.",
    "product": "MT6768, MT6779, MT8321, MT8385, MT8755, MT8765, MT8766, MT8768, MT8771, MT8775, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8792, MT8795T, MT8796, MT8797, MT8798",
    "versions": [
      {
        "version": "Android 12.0, 13.0, 14.0",
        "status": "affected"
      }
    ]
  }
]

References

corp.mediatek.com/product-security-bulletin/July-2024

7.1 High

AI Score

Confidence

High

JSON

Related for VULNRICHMENT:CVE-2024-20078