CVE-2024-20056
6.7
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploitability: 0.8 / Impact: 5.9
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
Description
In preloader, there is a possible escalation of privilege due to an insecure default value. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08528185; Issue ID: ALPS08528185.
Affected (7)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 12.0 | |
| Version 19.07.0 | |
| Version 2022q3 |
| Running on/with | Platform Versions |
|---|---|
Mediatek Mt6739 | All versions |
Mediatek Mt6761 | All versions |
Mediatek Mt6765 | All versions |
Mediatek Mt6768 | All versions |
Mediatek Mt6781 | All versions |
Mediatek Mt6785 | All versions |
Mediatek Mt6789 | All versions |
Mediatek Mt6833 | All versions |
Mediatek Mt6835 | All versions |
Mediatek Mt6853 | All versions |
Mediatek Mt6855 | All versions |
Mediatek Mt6873 | All versions |
Mediatek Mt6880 | All versions |
Mediatek Mt6885 | All versions |
Mediatek Mt6886 | All versions |
Mediatek Mt6890 | All versions |
Mediatek Mt6893 | All versions |
Mediatek Mt6895 | All versions |
Mediatek Mt6897 | All versions |
Mediatek Mt6983 | All versions |
Mediatek Mt6985 | All versions |
Mediatek Mt6989 | All versions |
Mediatek Mt8666 | All versions |
Mediatek Mt8667 | All versions |
Mediatek Mt8673 | All versions |
Mediatek Mt8676 | All versions |
Mediatek Mt8678 | All versions |
References (2)
Source: security@mediatek.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.