CVE-2024-20028

EUVD-2024-17743
In da, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541632; Issue ID: ALPS08541687.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.6 MEDIUM
NETWORK
HIGH
HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 18%
Affected Products (NVD)
VendorProductVersion
googleandroid
12.0
googleandroid
13.0
googleandroid
14.0
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
mediatekmt6739
android_12.0 ≤
𝑥
≤ android_14.0
ADP
mediatekmt6757
android_12.0 ≤
𝑥
≤ android_14.0
ADP
mediatekmt6761
android_12.0 ≤
𝑥
≤ android_14.0
ADP
mediatekmt6763
android_12.0 ≤
𝑥
≤ android_14.0
ADP
mediatekmt6765
android_12.0 ≤
𝑥
≤ android_14.0
ADP
mediatekmt6768
android_12.0 ≤
𝑥
≤ android_14.0
ADP
mediatekmt6771
android_12.0 ≤
𝑥
≤ android_14.0
ADP
mediatekmt6779
android_12.0 ≤
𝑥
≤ android_14.0
ADP
mediatekmt6785
android_12.0 ≤
𝑥
≤ android_14.0
ADP
mediatekmt6833
android_12.0 ≤
𝑥
≤ android_14.0
ADP
mediatekmt6853
android_12.0 ≤
𝑥
≤ android_14.0
ADP
mediatekmt6873
android_12.0 ≤
𝑥
≤ android_14.0
ADP
mediatekmt6877
android_12.0 ≤
𝑥
≤ android_14.0
ADP
mediatekmt6885
android_12.0 ≤
𝑥
≤ android_14.0
ADP
mediatekmt6893
android_12.0 ≤
𝑥
≤ android_14.0
ADP
mediatekmt8163
android_12.0 ≤
𝑥
≤ android_14.0
ADP
mediatekmt8167
android_12.0 ≤
𝑥
≤ android_14.0
ADP
mediatekmt8168
android_12.0 ≤
𝑥
≤ android_14.0
ADP
Common Weakness Enumeration
References
https://corp.mediatek.com/product-security-bulletin/March-2024
https://corp.mediatek.com/product-security-bulletin/March-2024