CVE-2024-20084

CVSS 3.1 Score 4.4 of 10 (medium)

Details

Published Sep 2, 2024
Updated: Sep 5, 2024
CWE ID 125

Summary

CVE-2024-20084 identifies a vulnerability characterized by an out-of-bounds read due to a missing bounds check, affecting multiple MediaTek products. Exploitation of this vulnerability could lead to local information disclosure, requiring system execution privileges while not necessitating user interaction. The severity of the issue is rated as medium, with a confidentiality impact deemed high, as it allows access to sensitive information. To remediate this vulnerability, users should apply the patch identified by ALPS08944210. Organizations using the affected products are advised to implement the patch promptly to mitigate potential risks associated with unauthorized data exposure.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share