CVE-2024-20056

CVE-2024-20056

Vendor Mediatek, Inc.

Product MT6739, MT6761, MT6765, MT6768, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6880, MT6885, MT6886, MT6890, MT6893, MT6895, MT6897, MT6983, MT6985, MT6989, MT8666, MT8667, MT8673, MT8676, MT8678

Weakness CWE-20 · Input validation

Published May 6, 2024

Last update March 13, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

In preloader, there is a possible escalation of privilege due to an insecure default value. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08528185; Issue ID: ALPS08528185.

Key dates

02Disclosure timeline

May 6, 2024 CVE published

March 13, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2024-20056

Related vulnerabilities

Identifiers

CVE CVE-2024-20056

CWE CWE-20

Affected versions

Vendor Mediatek, Inc.

Affected Android 12.0, 13.0, 14.0 / OpenWRT 19.07, 21.02, 23.05 / RDK-B 2022q3

01Description

02Disclosure timeline

03References

04Related CVE