CVE-2024-20099

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Oct 7, 2024
CWE ID 787

Summary

CVE-2024-20099 is a vulnerability affecting various MediaTek products, including models kBqUZR, gQo9Ti, jxyQYr, oiK006, jxyQYl, and jw4Vn8. The issue arises from a missing bounds check that can lead to an out-of-bounds write, enabling local escalation of privileges without user interaction. This vulnerability carries a medium severity rating with a CVSS score of 6.7, necessitating high privileges for exploitation and potentially resulting in significant impacts on confidentiality and integrity. To remediate this vulnerability, users should apply the patch identified as ALPS08997492. Organizations are advised to address this issue promptly to mitigate risks of unauthorized access and system compromise.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share