CVE-2024-20081

CVE-2024-20081

Vendor Mediatek, Inc.
Product MT2735, MT2737, MT6761, MT6765, MT6768, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6980, MT6983, MT6985, MT6989, MT6990, MT8666, MT8667
Weakness CWE-787
Published July 1, 2024
Last update March 13, 2025

CVSS base score

What the vulnerability does

01Description

In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08719602; Issue ID: MSV-1412.

Key dates

02Disclosure timeline

July 1, 2024 CVE published
March 13, 2025 Record updated