CVE-2024-20079

CVE-2024-20079

Vendor Mediatek, Inc.
Product MT6761, MT6765, MT6768, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT6989, MT8666, MT8667, MT8673, MT8676, MT8678
Weakness CWE-787
Published July 1, 2024
Last update February 26, 2026

CVSS base score

What the vulnerability does

01Description

In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08044040; Issue ID: MSV-1491.

Key dates

02Disclosure timeline

July 1, 2024 CVE published
February 26, 2026 Record updated