CVE-2024-20064

CVE-2024-20064

Vendor Mediatek, Inc.

Product MT6580, MT6761, MT6762, MT6768, MT6781, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT6989, MT8678, MT8755, MT8775, MT8792, MT8796

Weakness CWE-20 · Input validation

Published May 6, 2024

Last update March 28, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08572601; Issue ID: MSV-1229.

Key dates

02Disclosure timeline

May 6, 2024 CVE published

March 28, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2024-20064 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/20.html

Related vulnerabilities

Identifiers

CVE CVE-2024-20064

CWE CWE-20

Affected versions

Vendor Mediatek, Inc.

Affected Android 13.0, 14.0

01Description

02Disclosure timeline

03References

04Related CVE