ГлавнаяУязвимости → CVE-2024-20064
7.8высокая

CVE-2024-20064

Описание

In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08572601; Issue ID: MSV-1229.

Затрагиваемое ПО
Google AndroidMediatek Mt6580Mediatek Mt6761Mediatek Mt6762Mediatek Mt6768Mediatek Mt6781Mediatek Mt6789Mediatek Mt6833Mediatek Mt6853Mediatek Mt6853tMediatek Mt6855Mediatek Mt6873Mediatek Mt6875Mediatek Mt6877Mediatek Mt6879Mediatek Mt6883Mediatek Mt6885Mediatek Mt6886Mediatek Mt6889Mediatek Mt6891Mediatek Mt6893Mediatek Mt6895Mediatek Mt6983Mediatek Mt6985Mediatek Mt6989
CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://corp.mediatek.com/product-security-bulletin/May-2024https://corp.mediatek.com/product-security-bulletin/May-2024