CVE-2024-20023
Published Mar 4, 2024
Last updated 3 months ago
Overview
- Description
- In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541638; Issue ID: ALPS08541638.
- Source
- security@mediatek.com
- NVD status
- Awaiting Analysis
Risk scores
CVSS 3.1
- Type
- Secondary
- Base score
- 6.7
- Impact score
- 5.9
- Exploitability score
- 0.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- MEDIUM
Weaknesses
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-787
Social media
- Hype score
- Not currently trending