CVE-2024-20130
6.7
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploitability: 0.8 / Impact: 5.9
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
Description
In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09193374; Issue ID: MSV-1982.
Affected (2)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 14.0 |
| Running on/with | Platform Versions |
|---|---|
Mediatek Mt6739 | All versions |
Mediatek Mt6761 | All versions |
Mediatek Mt6765 | All versions |
Mediatek Mt6768 | All versions |
Mediatek Mt6781 | All versions |
Mediatek Mt6789 | All versions |
Mediatek Mt6833 | All versions |
Mediatek Mt6835 | All versions |
Mediatek Mt6853 | All versions |
Mediatek Mt6855 | All versions |
Mediatek Mt6877 | All versions |
Mediatek Mt6878 | All versions |
Mediatek Mt6879 | All versions |
Mediatek Mt6883 | All versions |
Mediatek Mt6885 | All versions |
Mediatek Mt6886 | All versions |
Mediatek Mt6889 | All versions |
Mediatek Mt6893 | All versions |
Mediatek Mt6895 | All versions |
Mediatek Mt6896 | All versions |
Mediatek Mt6897 | All versions |
Mediatek Mt6983 | All versions |
Mediatek Mt6985 | All versions |
Mediatek Mt6989 | All versions |
Mediatek Mt8195 | All versions |
Mediatek Mt8676 | All versions |
Mediatek Mt8678 | All versions |
Mediatek Mt8696 | All versions |
Mediatek Mt8796 | All versions |
Related CWEs
CWE-121
Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
CWE-787
Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.
References (1)
Source: security@mediatek.com
Vendor Advisory
Timeline
No history available yet.