Lucene search

K
vulnrichmentMediaTekVULNRICHMENT:CVE-2024-20081
HistoryJul 01, 2024 - 3:18 a.m.

CVE-2024-20081

2024-07-0103:18:10
CWE-787
MediaTek
github.com
gnss service
out of bounds write
local privilege escalation
system execution privileges

7.2 High

AI Score

Confidence

High

In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08719602; Issue ID: MSV-1412.

CNA Affected

[
  {
    "vendor": "MediaTek, Inc.",
    "product": "MT2735, MT2737, MT6761, MT6765, MT6768, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6980, MT6983, MT6985, MT6989, MT6990, MT8666, MT8667, MT8673, MT8676, MT8678",
    "versions": [
      {
        "version": "Android 13.0, 14.0 / openWRT 19.07, 21.02, 23.05 / Yocto 2.6, 3.3, 4.0 / RDK-B 22Q3",
        "status": "affected"
      }
    ]
  }
]

7.2 High

AI Score

Confidence

High

Related for VULNRICHMENT:CVE-2024-20081