CVE-2024-20132

CVE-2024-20132

Vendor Mediatek, Inc.
Product MT2737, MT6298, MT6879, MT6886, MT6895, MT6895T, MT6896, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990, MT8673, MT8676, MT8795T, MT8798
Weakness CWE-787
Published December 2, 2024
Last update December 3, 2024

CVSS base score

What the vulnerability does

01Description

In Modem, there is a possible out of bonds write due to a mission bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00957388; Issue ID: MSV-1872.

Key dates

02Disclosure timeline

December 2, 2024 CVE published
December 3, 2024 Record updated