CVE-2024-20098

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Oct 7, 2024
CWE ID 787

Summary

CVE-2024-20098 identifies a vulnerability that allows for a potential out-of-bounds write due to insufficient bounds checking in specific MediaTek products, including models such as wsdzGi and xiJWH6. This flaw could enable local escalation of privileges, requiring system execution rights for exploitation, but does not necessitate user interaction. The vulnerability is rated with a medium severity score of 6.7 and poses significant risks, including high impacts on confidentiality and integrity, as well as potential availability issues. To remediate this vulnerability, organizations are advised to apply the patch identified by ALPS08996886. The attack complexity is low, which increases the urgency for affected users to address the issue promptly to mitigate potential threats.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share