CVE-2024-20099
CVSS 3.1 Score 6.7 of 10 (medium)
Details
Summary
CVE-2024-20099 is a vulnerability affecting various MediaTek products, including models kBqUZR, gQo9Ti, jxyQYr, oiK006, jxyQYl, and jw4Vn8. The issue arises from a missing bounds check that can lead to an out-of-bounds write, enabling local escalation of privileges without user interaction. This vulnerability carries a medium severity rating with a CVSS score of 6.7, necessitating high privileges for exploitation and potentially resulting in significant impacts on confidentiality and integrity. To remediate this vulnerability, users should apply the patch identified as ALPS08997492. Organizations are advised to address this issue promptly to mitigate risks of unauthorized access and system compromise.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.