CVE-2024-20088

CVSS 3.1 Score 4.4 of 10 (medium)

Details

Published Sep 2, 2024
Updated: Sep 5, 2024
CWE ID 125

Summary

CVE-2024-20088 is a vulnerability that affects multiple MediaTek products, including models like wsdzGb and wsd2fj, due to an out-of-bounds read caused by a missing bounds check. This flaw can lead to local information disclosure, requiring system execution privileges for exploitation, but does not necessitate user interaction. The vulnerability has been assigned a medium severity rating with a CVSS score of 4.4, indicating a high confidentiality impact. Organizations are advised to apply the available patch (ID: ALPS08932099) to mitigate potential risks associated with this vulnerability. For further details and updates, users can refer to the vendor's security bulletin published in September 2024.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share