CVE-2024-20006

Published Feb 5, 2024

Last updated 4 months ago

Overview

Description: In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08477148; Issue ID: ALPS08477148.
Source: security@mediatek.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 3.1

Type: Primary
Base score: 6.7
Impact score: 5.9
Exploitability score: 0.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Severity: MEDIUM

Weaknesses

nvd@nist.gov: CWE-787
134c704f-9b21-4f2e-91b3-4a467353bcc0: CWE-787

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:rdkcentral:rdk-b:2022q3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A1488152-CC93-40DF-8D1F-BF33DC8444FF"
          },
          {
            "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
          },
          {
            "criteria": "cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4FA469E2-9E63-4C9A-8EBA-10C8C870063A"
          },
          {
            "criteria": "cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F0133207-2EED-4625-854F-8DB7770D5BF7"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7D1135F9-E38C-4308-BD32-A4D83959282E"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt8188t:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A4675A09-0147-4690-8AA1-E3802CA1B3EB"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Social media

Risk scores

CVSS 3.1

Weaknesses

Configurations

References