CVE-2024-20097

CVE-2024-20097

Vendor Mediatek, Inc.
Product MT6761, MT6765, MT6768, MT6785, MT6789, MT6853, MT6873, MT6885, MT8666, MT8667, MT8673, MT8675, MT8678
Weakness CWE-125
Published October 7, 2024
Last update October 27, 2024

CVSS base score

What the vulnerability does

01Description

In vdec, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1630.

Key dates

02Disclosure timeline

October 7, 2024 CVE published
October 27, 2024 Record updated