PT-2024-18543 · Mediatek+1 · Mt6761+37

Published

2024-05-06

Updated

2025-03-27

CVE-2024-20057

CVSS v3.1

7.2

High

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions No specific software name or versions are mentioned in the provided descriptions.

Description The issue is related to a possible out of bounds write in keyInstall due to a missing bounds check. This could lead to local escalation of privilege, with System execution privileges needed. User interaction is not required for exploitation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

ASB-A-327973819

CVE-2024-20057

M-ALPS08587881

Affected Products

Mt6761

Android

Mt6765

Mt6768

Mt6779

Mt6781

Mt6785

Mt6789

Mt6833

Mt6835

Mt6853

Mt6855

Mt6873

Mt6877

Mt6879

Mt6883

Mt6885

Mt6886

Mt6889

Mt6893

Mt6895

Mt6897

Mt6983

Mt8321

Mt8385

Mt8755

Mt8765

Mt8766

Mt8768

Mt8771

Mt8781

Mt8786

Mt8788

Mt8789

Mt8791T

Mt8792

Mt8795T

Mt8796

PT-2024-18543 · Mediatek+1 · Mt6761+37

CVE-2024-20057

Weakness Enumeration

Related Identifiers

Affected Products

References · 6