CVE-2024-20125
6.7
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploitability: 0.8 / Impact: 5.9
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
Description
In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained System privileges. User interaction is not needed for exploitation. Patch ID: ALPS09046782; Issue ID: MSV-1728.
Affected (2)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 13.0 |
| Running on/with | Platform Versions |
|---|---|
Mediatek Mt6580 | All versions |
Mediatek Mt6761 | All versions |
Mediatek Mt6765 | All versions |
Mediatek Mt6768 | All versions |
Mediatek Mt6779 | All versions |
Mediatek Mt6781 | All versions |
Mediatek Mt6785 | All versions |
Mediatek Mt6789 | All versions |
Mediatek Mt6833 | All versions |
Mediatek Mt6835 | All versions |
Mediatek Mt6853 | All versions |
Mediatek Mt6855 | All versions |
Mediatek Mt6873 | All versions |
Mediatek Mt6877 | All versions |
Mediatek Mt6879 | All versions |
Mediatek Mt6883 | All versions |
Mediatek Mt6885 | All versions |
Mediatek Mt6886 | All versions |
Mediatek Mt6889 | All versions |
Mediatek Mt6893 | All versions |
Mediatek Mt6895 | All versions |
Mediatek Mt6983 | All versions |
Mediatek Mt6985 | All versions |
Mediatek Mt8175 | All versions |
Mediatek Mt8195 | All versions |
Mediatek Mt8321 | All versions |
Mediatek Mt8365 | All versions |
Mediatek Mt8370 | All versions |
Mediatek Mt8385 | All versions |
Mediatek Mt8390 | All versions |
Mediatek Mt8395 | All versions |
Mediatek Mt8666 | All versions |
Mediatek Mt8667 | All versions |
Mediatek Mt8673 | All versions |
Mediatek Mt8765 | All versions |
Mediatek Mt8766 | All versions |
Mediatek Mt8768 | All versions |
Mediatek Mt8771 | All versions |
Mediatek Mt8781 | All versions |
Mediatek Mt8786 | All versions |
Mediatek Mt8788 | All versions |
Mediatek Mt8791t | All versions |
Mediatek Mt8797 | All versions |
Mediatek Mt8798 | All versions |
References (1)
Source: security@mediatek.com
Vendor Advisory
Timeline
No history available yet.