CVE-2024-20023
6.7
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploitability: 0.8 / Impact: 5.9
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
Description
In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541638; Issue ID: ALPS08541638.
Affected (7)
Show all products
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 12.0 | |
| Version 3.3 | |
| Version 19.07.0 | |
| Version 2022q3 |
| Running on/with | Platform Versions |
|---|---|
Mediatek Mt2713 | All versions |
Mediatek Mt2737 | All versions |
Mediatek Mt6781 | All versions |
Mediatek Mt6789 | All versions |
Mediatek Mt6835 | All versions |
Mediatek Mt6855 | All versions |
Mediatek Mt6879 | All versions |
Mediatek Mt6880 | All versions |
Mediatek Mt6886 | All versions |
Mediatek Mt6890 | All versions |
Mediatek Mt6895 | All versions |
Mediatek Mt6980 | All versions |
Mediatek Mt6983 | All versions |
Mediatek Mt6985 | All versions |
Mediatek Mt6989 | All versions |
Mediatek Mt6990 | All versions |
Mediatek Mt8188 | All versions |
Mediatek Mt8188t | All versions |
Mediatek Mt8370 | All versions |
Mediatek Mt8390 | All versions |
Mediatek Mt8673 | All versions |
Mediatek Mt8676 | All versions |
Mediatek Mt8678 | All versions |
References (2)
Source: security@mediatek.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.