CVE-2024-20023 - Vulnerability Details

Vendors	Products
Google	Android
Linuxfoundation	Yocto
Mediatek	Mt2713 Mt2737 Mt6781 Mt6789 Mt6835 Mt6855 Mt6879 Mt6880 Mt6886 Mt6890 Mt6895 Mt6980 Mt6983 Mt6985 Mt6989 Mt6990 Mt8188 Mt8188t Mt8370 Mt8390 Mt8673 Mt8676 Mt8678
Openwrt	Openwrt
Rdkcentral	Rdk-b

Link	Providers
https://corp.mediatek.com/product-security-bulletin/March-2024

Type	Values Removed	Values Added
First Time appeared		Google Google android Linuxfoundation Linuxfoundation yocto Mediatek Mediatek mt2713 Mediatek mt2737 Mediatek mt6781 Mediatek mt6789 Mediatek mt6835 Mediatek mt6855 Mediatek mt6879 Mediatek mt6880 Mediatek mt6886 Mediatek mt6890 Mediatek mt6895 Mediatek mt6980 Mediatek mt6983 Mediatek mt6985 Mediatek mt6989 Mediatek mt6990 Mediatek mt8188 Mediatek mt8188t Mediatek mt8370 Mediatek mt8390 Mediatek mt8673 Mediatek mt8676 Mediatek mt8678 Openwrt Openwrt openwrt Rdkcentral Rdkcentral rdk-b
CPEs		cpe:2.3:a:linuxfoundation:yocto:3.3:::::::* cpe:2.3:a:rdkcentral:rdk-b:2022q3:::::::* cpe:2.3:h:mediatek:mt2713:-:::::::* cpe:2.3:h:mediatek:mt2737:-:::::::* cpe:2.3:h:mediatek:mt6781:-:::::::* cpe:2.3:h:mediatek:mt6789:-:::::::* cpe:2.3:h:mediatek:mt6835:-:::::::* cpe:2.3:h:mediatek:mt6855:-:::::::* cpe:2.3:h:mediatek:mt6879:-:::::::* cpe:2.3:h:mediatek:mt6880:-:::::::* cpe:2.3:h:mediatek:mt6886:-:::::::* cpe:2.3:h:mediatek:mt6890:-:::::::* cpe:2.3:h:mediatek:mt6895:-:::::::* cpe:2.3:h:mediatek:mt6980:-:::::::* cpe:2.3:h:mediatek:mt6983:-:::::::* cpe:2.3:h:mediatek:mt6985:-:::::::* cpe:2.3:h:mediatek:mt6989:-:::::::* cpe:2.3:h:mediatek:mt6990:-:::::::* cpe:2.3:h:mediatek:mt8188:-:::::::* cpe:2.3:h:mediatek:mt8188t:-:::::::* cpe:2.3:h:mediatek:mt8370:-:::::::* cpe:2.3:h:mediatek:mt8390:-:::::::* cpe:2.3:h:mediatek:mt8673:-:::::::* cpe:2.3:h:mediatek:mt8676:-:::::::* cpe:2.3:h:mediatek:mt8678:-:::::::* cpe:2.3:o:google:android:12.0:::::::* cpe:2.3:o:google:android:13.0:::::::* cpe:2.3:o:google:android:14.0:::::::* cpe:2.3:o:openwrt:openwrt:19.07.0:-:::::: cpe:2.3:o:openwrt:openwrt:21.02.0:-::::::
Vendors & Products		Google Google android Linuxfoundation Linuxfoundation yocto Mediatek Mediatek mt2713 Mediatek mt2737 Mediatek mt6781 Mediatek mt6789 Mediatek mt6835 Mediatek mt6855 Mediatek mt6879 Mediatek mt6880 Mediatek mt6886 Mediatek mt6890 Mediatek mt6895 Mediatek mt6980 Mediatek mt6983 Mediatek mt6985 Mediatek mt6989 Mediatek mt6990 Mediatek mt8188 Mediatek mt8188t Mediatek mt8370 Mediatek mt8390 Mediatek mt8673 Mediatek mt8676 Mediatek mt8678 Openwrt Openwrt openwrt Rdkcentral Rdkcentral rdk-b

Type	Values Removed	Values Added
Weaknesses		CWE-787
Metrics		cvssV3_1 `{'score': 6.7, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}`

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-20023", "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "state": "PUBLISHED", "assignerShortName": "MediaTek", "dateReserved": "2023-11-02T13:35:35.151Z", "datePublished": "2024-03-04T02:43:32.414Z", "dateUpdated": "2024-08-25T15:17:44.836Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "shortName": "MediaTek", "dateUpdated": "2024-03-04T02:43:32.414Z"}, "descriptions": [{"lang": "en", "value": "In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541638; Issue ID: ALPS08541638."}], "affected": [{"vendor": "MediaTek, Inc.", "product": "MT2713, MT2737, MT6781, MT6789, MT6835, MT6855, MT6879, MT6880, MT6886, MT6890, MT6895, MT6980, MT6983, MT6985, MT6989, MT6990, MT8188, MT8188T, MT8370, MT8390, MT8673, MT8676, MT8678", "versions": [{"version": "Android 12.0, 13.0, 14.0 / OpenWrt 19.07, 21.02 / Yocto 3.3 / RDK-B 22Q3", "status": "affected"}]}], "references": [{"url": "https://corp.mediatek.com/product-security-bulletin/March-2024"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "Elevation of Privilege"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:52:31.735Z"}, "title": "CVE Program Container", "references": [{"url": "https://corp.mediatek.com/product-security-bulletin/March-2024", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-787", "lang": "en", "description": "CWE-787 Out-of-bounds Write"}]}], "affected": [{"vendor": "mediatek", "product": "mt2713", "cpes": ["cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "mediatek", "product": "mt2737", "cpes": ["cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "mediatek", "product": "mt6781", "cpes": ["cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "mediatek", "product": "mt6789", "cpes": ["cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "mediatek", "product": "mt6835", "cpes": ["cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "mediatek", "product": "mt6855", "cpes": ["cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "mediatek", "product": "mt6879", "cpes": ["cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "mediatek", "product": "mt6880", "cpes": ["cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "mediatek", "product": "mt6886", "cpes": ["cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "mediatek", "product": "mt6890", "cpes": ["cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "mediatek", "product": "mt6895", "cpes": ["cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "mediatek", "product": "mt6980", "cpes": ["cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "mediatek", "product": "mt6983", "cpes": ["cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "mediatek", "product": "mt6985", "cpes": ["cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "mediatek", "product": "mt6989", "cpes": ["cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "mediatek", "product": "mt6990", "cpes": ["cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "mediatek", "product": "mt8188", "cpes": ["cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "mediatek", "product": "mt8188t", "cpes": ["cpe:2.3:h:mediatek:mt8188t:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "mediatek", "product": "mt8370", "cpes": ["cpe:2.3:h:mediatek:mt8370:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "mediatek", "product": "mt8390", "cpes": ["cpe:2.3:h:mediatek:mt8390:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "mediatek", "product": "mt8673", "cpes": ["cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "mediatek", "product": "mt8676", "cpes": ["cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "mediatek", "product": "mt8678", "cpes": ["cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "google", "product": "android", "cpes": ["cpe:2.3:o:google:android:12.0:-:*:*:*:*:*:*", "cpe:2.3:o:google:android:13.0:-:*:*:*:*:*:*", "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "12.0", "status": "affected"}, {"version": "13.0", "status": "affected"}, {"version": "14.0", "status": "affected"}]}, {"vendor": "openwrt", "product": "openwrt", "cpes": ["cpe:2.3:a:openwrt:openwrt:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "19.07", "status": "affected"}, {"version": "21.02", "status": "affected"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-03-08T05:00:26.777091Z", "id": "CVE-2024-20023", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-25T15:17:44.836Z"}}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

cveId : CVE-2024-20023 (string)

assignerOrgId : ee979b05-11f8-4f25-a7e0-a1fa9c190374 (string)

state : PUBLISHED (string)

assignerShortName : MediaTek (string)

dateReserved : 2023-11-02T13:35:35.151Z (string)

datePublished : 2024-03-04T02:43:32.414Z (string)

dateUpdated : 2024-08-25T15:17:44.836Z (string)

}

containers : { »

cna : { »

providerMetadata : { »

orgId : ee979b05-11f8-4f25-a7e0-a1fa9c190374 (string)

shortName : MediaTek (string)

dateUpdated : 2024-03-04T02:43:32.414Z (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541638; Issue ID: ALPS08541638. (string)

}

]

affected : [ »

0 : { »

vendor : MediaTek, Inc. (string)

product : MT2713, MT2737, MT6781, MT6789, MT6835, MT6855, MT6879, MT6880, MT6886, MT6890, MT6895, MT6980, MT6983, MT6985, MT6989, MT6990, MT8188, MT8188T, MT8370, MT8390, MT8673, MT8676, MT8678 (string)

versions : [ »

0 : { »

version : Android 12.0, 13.0, 14.0 / OpenWrt 19.07, 21.02 / Yocto 3.3 / RDK-B 22Q3 (string)

status : affected (string)

}

]

}

]

references : [ »

0 : { »

url : https://corp.mediatek.com/product-security-bulletin/March-2024 (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

type : text (string)

lang : en (string)

description : Elevation of Privilege (string)

}

]

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-01T21:52:31.735Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://corp.mediatek.com/product-security-bulletin/March-2024 (string)

tags : [ »

0 : x_transferred (string)

]

}

]

}

1 : { »

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

type : CWE (string)

cweId : CWE-787 (string)

lang : en (string)

description : CWE-787 Out-of-bounds Write (string)

}

]

}

]

affected : [ »

0 : { »

vendor : mediatek (string)

product : mt2713 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThanOrEqual : * (string)

versionType : custom (string)

}

]

}

1 : { »

vendor : mediatek (string)

product : mt2737 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThanOrEqual : * (string)

versionType : custom (string)

}

]

}

2 : { »

vendor : mediatek (string)

product : mt6781 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThanOrEqual : * (string)

versionType : custom (string)

}

]

}

3 : { »

vendor : mediatek (string)

product : mt6789 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThanOrEqual : * (string)

versionType : custom (string)

}

]

}

4 : { »

vendor : mediatek (string)

product : mt6835 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThanOrEqual : * (string)

versionType : custom (string)

}

]

}

5 : { »

vendor : mediatek (string)

product : mt6855 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThanOrEqual : * (string)

versionType : custom (string)

}

]

}

6 : { »

vendor : mediatek (string)

product : mt6879 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThanOrEqual : * (string)

versionType : custom (string)

}

]

}

7 : { »

vendor : mediatek (string)

product : mt6880 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThanOrEqual : * (string)

versionType : custom (string)

}

]

}

8 : { »

vendor : mediatek (string)

product : mt6886 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThanOrEqual : * (string)

versionType : custom (string)

}

]

}

9 : { »

vendor : mediatek (string)

product : mt6890 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThanOrEqual : * (string)

versionType : custom (string)

}

]

}

10 : { »

vendor : mediatek (string)

product : mt6895 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThanOrEqual : * (string)

versionType : custom (string)

}

]

}

11 : { »

vendor : mediatek (string)

product : mt6980 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThanOrEqual : * (string)

versionType : custom (string)

}

]

}

12 : { »

vendor : mediatek (string)

product : mt6983 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThanOrEqual : * (string)

versionType : custom (string)

}

]

}

13 : { »

vendor : mediatek (string)

product : mt6985 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThanOrEqual : * (string)

versionType : custom (string)

}

]

}

14 : { »

vendor : mediatek (string)

product : mt6989 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThanOrEqual : * (string)

versionType : custom (string)

}

]

}

15 : { »

vendor : mediatek (string)

product : mt6990 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThanOrEqual : * (string)

versionType : custom (string)

}

]

}

16 : { »

vendor : mediatek (string)

product : mt8188 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThanOrEqual : * (string)

versionType : custom (string)

}

]

}

17 : { »

vendor : mediatek (string)

product : mt8188t (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt8188t:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThanOrEqual : * (string)

versionType : custom (string)

}

]

}

18 : { »

vendor : mediatek (string)

product : mt8370 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt8370:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThanOrEqual : * (string)

versionType : custom (string)

}

]

}

19 : { »

vendor : mediatek (string)

product : mt8390 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt8390:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThanOrEqual : * (string)

versionType : custom (string)

}

]

}

20 : { »

vendor : mediatek (string)

product : mt8673 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThanOrEqual : * (string)

versionType : custom (string)

}

]

}

21 : { »

vendor : mediatek (string)

product : mt8676 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThanOrEqual : * (string)

versionType : custom (string)

}

]

}

22 : { »

vendor : mediatek (string)

product : mt8678 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 0 (string)

status : affected (string)

lessThanOrEqual : * (string)

versionType : custom (string)

}

]

}

23 : { »

vendor : google (string)

product : android (string)

cpes : [ »

0 : cpe:2.3:o:google:android:12.0:-:*:*:*:*:*:* (string)

1 : cpe:2.3:o:google:android:13.0:-:*:*:*:*:*:* (string)

2 : cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 12.0 (string)

status : affected (string)

}

1 : { »

version : 13.0 (string)

status : affected (string)

}

2 : { »

version : 14.0 (string)

status : affected (string)

}

]

}

24 : { »

vendor : openwrt (string)

product : openwrt (string)

cpes : [ »

0 : cpe:2.3:a:openwrt:openwrt:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 19.07 (string)

status : affected (string)

}

1 : { »

version : 21.02 (string)

status : affected (string)

}

]

}

]

metrics : [ »

0 : { »

cvssV3_1 : { »

scope : UNCHANGED (string)

version : 3.1 (string)

baseScore : 6.7 (number)

attackVector : LOCAL (string)

baseSeverity : MEDIUM (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H (string)

integrityImpact : HIGH (string)

userInteraction : NONE (string)

attackComplexity : LOW (string)

availabilityImpact : HIGH (string)

privilegesRequired : HIGH (string)

confidentialityImpact : HIGH (string)

}

1 : { »

other : { »

type : ssvc (string)

content : { »

timestamp : 2024-03-08T05:00:26.777091Z (string)

id : CVE-2024-20023 (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : total (string)

}

]

role : CISA Coordinator (string)

version : 2.0.3 (string)

}

]

title : CISA ADP Vulnrichment (string)

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-08-25T15:17:44.836Z (string)

}

]

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://corp.mediatek.com/product-security-bulletin/March-2024", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:52:31.735Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-20023", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-03-08T05:00:26.777091Z"}}}], "affected": [{"cpes": ["cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt2713", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt2737", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt6781", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt6789", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt6835", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt6855", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt6879", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt6880", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt6886", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt6890", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt6895", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt6980", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt6983", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt6985", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt6989", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt6990", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt8188", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt8188t:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt8188t", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt8370:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt8370", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt8390:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt8390", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt8673", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt8676", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt8678", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:google:android:12.0:-:*:*:*:*:*:*", "cpe:2.3:o:google:android:13.0:-:*:*:*:*:*:*", "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*"], "vendor": "google", "product": "android", "versions": [{"status": "affected", "version": "12.0"}, {"status": "affected", "version": "13.0"}, {"status": "affected", "version": "14.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:openwrt:openwrt:-:*:*:*:*:*:*:*"], "vendor": "openwrt", "product": "openwrt", "versions": [{"status": "affected", "version": "19.07"}, {"status": "affected", "version": "21.02"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-25T15:15:02.740Z"}}], "cna": {"affected": [{"vendor": "MediaTek, Inc.", "product": "MT2713, MT2737, MT6781, MT6789, MT6835, MT6855, MT6879, MT6880, MT6886, MT6890, MT6895, MT6980, MT6983, MT6985, MT6989, MT6990, MT8188, MT8188T, MT8370, MT8390, MT8673, MT8676, MT8678", "versions": [{"status": "affected", "version": "Android 12.0, 13.0, 14.0 / OpenWrt 19.07, 21.02 / Yocto 3.3 / RDK-B 22Q3"}]}], "references": [{"url": "https://corp.mediatek.com/product-security-bulletin/March-2024"}], "descriptions": [{"lang": "en", "value": "In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541638; Issue ID: ALPS08541638."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "Elevation of Privilege"}]}], "providerMetadata": {"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "shortName": "MediaTek", "dateUpdated": "2024-03-04T02:43:32.414Z"}}}, "cveMetadata": {"cveId": "CVE-2024-20023", "state": "PUBLISHED", "dateUpdated": "2024-08-25T15:17:44.836Z", "dateReserved": "2023-11-02T13:35:35.151Z", "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "datePublished": "2024-03-04T02:43:32.414Z", "assignerShortName": "MediaTek"}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

containers : { »

adp : [ »

0 : { »

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://corp.mediatek.com/product-security-bulletin/March-2024 (string)

tags : [ »

0 : x_transferred (string)

]

}

]

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-01T21:52:31.735Z (string)

}

1 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

cvssV3_1 : { »

scope : UNCHANGED (string)

version : 3.1 (string)

baseScore : 6.7 (number)

attackVector : LOCAL (string)

baseSeverity : MEDIUM (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H (string)

integrityImpact : HIGH (string)

userInteraction : NONE (string)

attackComplexity : LOW (string)

availabilityImpact : HIGH (string)

privilegesRequired : HIGH (string)

confidentialityImpact : HIGH (string)

}

1 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2024-20023 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : total (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-03-08T05:00:26.777091Z (string)

}

]

affected : [ »

0 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt2713 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

versionType : custom (string)

lessThanOrEqual : * (string)

}

]

defaultStatus : unknown (string)

}

1 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt2737 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

versionType : custom (string)

lessThanOrEqual : * (string)

}

]

defaultStatus : unknown (string)

}

2 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt6781 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

versionType : custom (string)

lessThanOrEqual : * (string)

}

]

defaultStatus : unknown (string)

}

3 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt6789 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

versionType : custom (string)

lessThanOrEqual : * (string)

}

]

defaultStatus : unknown (string)

}

4 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt6835 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

versionType : custom (string)

lessThanOrEqual : * (string)

}

]

defaultStatus : unknown (string)

}

5 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt6855 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

versionType : custom (string)

lessThanOrEqual : * (string)

}

]

defaultStatus : unknown (string)

}

6 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt6879 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

versionType : custom (string)

lessThanOrEqual : * (string)

}

]

defaultStatus : unknown (string)

}

7 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt6880 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

versionType : custom (string)

lessThanOrEqual : * (string)

}

]

defaultStatus : unknown (string)

}

8 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt6886 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

versionType : custom (string)

lessThanOrEqual : * (string)

}

]

defaultStatus : unknown (string)

}

9 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt6890 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

versionType : custom (string)

lessThanOrEqual : * (string)

}

]

defaultStatus : unknown (string)

}

10 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt6895 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

versionType : custom (string)

lessThanOrEqual : * (string)

}

]

defaultStatus : unknown (string)

}

11 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt6980 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

versionType : custom (string)

lessThanOrEqual : * (string)

}

]

defaultStatus : unknown (string)

}

12 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt6983 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

versionType : custom (string)

lessThanOrEqual : * (string)

}

]

defaultStatus : unknown (string)

}

13 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt6985 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

versionType : custom (string)

lessThanOrEqual : * (string)

}

]

defaultStatus : unknown (string)

}

14 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt6989 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

versionType : custom (string)

lessThanOrEqual : * (string)

}

]

defaultStatus : unknown (string)

}

15 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt6990 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

versionType : custom (string)

lessThanOrEqual : * (string)

}

]

defaultStatus : unknown (string)

}

16 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt8188 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

versionType : custom (string)

lessThanOrEqual : * (string)

}

]

defaultStatus : unknown (string)

}

17 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt8188t:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt8188t (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

versionType : custom (string)

lessThanOrEqual : * (string)

}

]

defaultStatus : unknown (string)

}

18 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt8370:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt8370 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

versionType : custom (string)

lessThanOrEqual : * (string)

}

]

defaultStatus : unknown (string)

}

19 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt8390:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt8390 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

versionType : custom (string)

lessThanOrEqual : * (string)

}

]

defaultStatus : unknown (string)

}

20 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt8673 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

versionType : custom (string)

lessThanOrEqual : * (string)

}

]

defaultStatus : unknown (string)

}

21 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt8676 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

versionType : custom (string)

lessThanOrEqual : * (string)

}

]

defaultStatus : unknown (string)

}

22 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt8678 (string)

versions : [ »

0 : { »

status : affected (string)

version : 0 (string)

versionType : custom (string)

lessThanOrEqual : * (string)

}

]

defaultStatus : unknown (string)

}

23 : { »

cpes : [ »

0 : cpe:2.3:o:google:android:12.0:-:*:*:*:*:*:* (string)

1 : cpe:2.3:o:google:android:13.0:-:*:*:*:*:*:* (string)

2 : cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:* (string)

]

vendor : google (string)

product : android (string)

versions : [ »

0 : { »

status : affected (string)

version : 12.0 (string)

}

1 : { »

status : affected (string)

version : 13.0 (string)

}

2 : { »

status : affected (string)

version : 14.0 (string)

}

]

defaultStatus : unknown (string)

}

24 : { »

cpes : [ »

0 : cpe:2.3:a:openwrt:openwrt:-:*:*:*:*:*:*:* (string)

]

vendor : openwrt (string)

product : openwrt (string)

versions : [ »

0 : { »

status : affected (string)

version : 19.07 (string)

}

1 : { »

status : affected (string)

version : 21.02 (string)

}

]

defaultStatus : unknown (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

lang : en (string)

type : CWE (string)

cweId : CWE-787 (string)

description : CWE-787 Out-of-bounds Write (string)

}

]

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-08-25T15:15:02.740Z (string)

}

]

cna : { »

affected : [ »

0 : { »

vendor : MediaTek, Inc. (string)

product : MT2713, MT2737, MT6781, MT6789, MT6835, MT6855, MT6879, MT6880, MT6886, MT6890, MT6895, MT6980, MT6983, MT6985, MT6989, MT6990, MT8188, MT8188T, MT8370, MT8390, MT8673, MT8676, MT8678 (string)

versions : [ »

0 : { »

status : affected (string)

version : Android 12.0, 13.0, 14.0 / OpenWrt 19.07, 21.02 / Yocto 3.3 / RDK-B 22Q3 (string)

}

]

}

]

references : [ »

0 : { »

url : https://corp.mediatek.com/product-security-bulletin/March-2024 (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541638; Issue ID: ALPS08541638. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

lang : en (string)

type : text (string)

description : Elevation of Privilege (string)

}

]

}

]

providerMetadata : { »

orgId : ee979b05-11f8-4f25-a7e0-a1fa9c190374 (string)

shortName : MediaTek (string)

dateUpdated : 2024-03-04T02:43:32.414Z (string)

}

cveMetadata : { »

cveId : CVE-2024-20023 (string)

state : PUBLISHED (string)

dateUpdated : 2024-08-25T15:17:44.836Z (string)

dateReserved : 2023-11-02T13:35:35.151Z (string)

assignerOrgId : ee979b05-11f8-4f25-a7e0-a1fa9c190374 (string)

datePublished : 2024-03-04T02:43:32.414Z (string)

assignerShortName : MediaTek (string)

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:linuxfoundation:yocto:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "2385F2C9-3EA1-424B-AB8D-A672BF1CBE56", "vulnerable": true}, {"criteria": "cpe:2.3:a:rdkcentral:rdk-b:2022q3:*:*:*:*:*:*:*", "matchCriteriaId": "A1488152-CC93-40DF-8D1F-BF33DC8444FF", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*", "matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D", "vulnerable": true}, {"criteria": "cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*", "matchCriteriaId": "4FA469E2-9E63-4C9A-8EBA-10C8C870063A", "vulnerable": true}, {"criteria": "cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*", "matchCriteriaId": "F0133207-2EED-4625-854F-8DB7770D5BF7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*", "matchCriteriaId": "7D1135F9-E38C-4308-BD32-A4D83959282E", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*", "matchCriteriaId": "9C2A1118-B5F7-4EF5-B329-0887B5F3430E", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", "matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:*", "matchCriteriaId": "8B9B0D82-82C1-4A77-A016-329B99C45F49", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*", "matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*", "matchCriteriaId": "89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*", "matchCriteriaId": "704BE5CE-AE08-4432-A8B0-4C8BD62148AD", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*", "matchCriteriaId": "68CF4A7A-3136-4C4C-A795-81323896BE11", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*", "matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*", "matchCriteriaId": "171D1C08-F055-44C0-913C-AA2B73AF5B72", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*", "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*", "matchCriteriaId": "BA9131F6-F167-4FD7-8FBF-B372CBBCF46F", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*", "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*", "matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*", "matchCriteriaId": "AD7DE6B2-66D9-4A3E-B15F-D56505559255", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*", "matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*", "matchCriteriaId": "BA3D4A45-38EE-4125-AE67-89D1C707F95A", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8188t:-:*:*:*:*:*:*:*", "matchCriteriaId": "A4675A09-0147-4690-8AA1-E3802CA1B3EB", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8370:-:*:*:*:*:*:*:*", "matchCriteriaId": "DA2B6BB9-7544-41A7-BF3A-344AA4CC4B31", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8390:-:*:*:*:*:*:*:*", "matchCriteriaId": "B774B7D7-B7DD-43A0-833F-7E39DF82CA60", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*", "matchCriteriaId": "152F6606-FA23-4530-AA07-419866B74CB3", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*", "matchCriteriaId": "EE302F6F-170E-4350-A8F4-65BE0C50CB78", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*", "matchCriteriaId": "152A5F3D-8004-4649-BDB1-E6F0798AF1CB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541638; Issue ID: ALPS08541638."}, {"lang": "es", "value": "En flashc, existe una posible escritura fuera de los l\u00edmites debido a la falta de valoraci\u00f3n. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: ALPS08541638; ID del problema: ALPS08541638."}], "id": "CVE-2024-20023", "lastModified": "2025-04-22T20:36:44.290", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-03-04T03:15:07.193", "references": [{"source": "security@mediatek.com", "tags": ["Vendor Advisory"], "url": "https://corp.mediatek.com/product-security-bulletin/March-2024"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://corp.mediatek.com/product-security-bulletin/March-2024"}], "sourceIdentifier": "security@mediatek.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:linuxfoundation:yocto:3.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 2385F2C9-3EA1-424B-AB8D-A672BF1CBE56 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:rdkcentral:rdk-b:2022q3:*:*:*:*:*:*:* (string)

matchCriteriaId : A1488152-CC93-40DF-8D1F-BF33DC8444FF (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:* (string)

matchCriteriaId : F8FB8EE9-FC56-4D5E-AE55-A5967634740C (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 879FFD0C-9B38-4CAA-B057-1086D794D469 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 2700BCC5-634D-4EC6-AB67-5B678D5F951D (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:* (string)

matchCriteriaId : 4FA469E2-9E63-4C9A-8EBA-10C8C870063A (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:* (string)

matchCriteriaId : F0133207-2EED-4625-854F-8DB7770D5BF7 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 7D1135F9-E38C-4308-BD32-A4D83959282E (string)

vulnerable : false (boolean)

}

1 : { »

criteria : cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 9C2A1118-B5F7-4EF5-B329-0887B5F3430E (string)

vulnerable : false (boolean)

}

2 : { »

criteria : cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:* (string)

matchCriteriaId : C4EEE021-6B2A-47A0-AC6B-55525A40D718 (string)

vulnerable : false (boolean)

}

3 : { »

criteria : cpe:2.3:h:mediatek:mt6789:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 8B9B0D82-82C1-4A77-A016-329B99C45F49 (string)

vulnerable : false (boolean)

}

4 : { »

criteria : cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 19A63103-C708-48EC-B44D-5E465A6B79C5 (string)

vulnerable : false (boolean)

}

5 : { »

criteria : cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 89AFEE24-7AAD-4EDB-8C3E-EDBA3240730A (string)

vulnerable : false (boolean)

}

6 : { »

criteria : cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 704BE5CE-AE08-4432-A8B0-4C8BD62148AD (string)

vulnerable : false (boolean)

}

7 : { »

criteria : cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 68CF4A7A-3136-4C4C-A795-81323896BE11 (string)

vulnerable : false (boolean)

}

8 : { »

criteria : cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:* (string)

matchCriteriaId : AF3E2B84-DAFE-4E11-B23B-026F719475F5 (string)

vulnerable : false (boolean)

}

9 : { »

criteria : cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 171D1C08-F055-44C0-913C-AA2B73AF5B72 (string)

vulnerable : false (boolean)

}

10 : { »

criteria : cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:* (string)

matchCriteriaId : E0CA45C9-7BFE-4C93-B2AF-B86501F763AB (string)

vulnerable : false (boolean)

}

11 : { »

criteria : cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:* (string)

matchCriteriaId : BA9131F6-F167-4FD7-8FBF-B372CBBCF46F (string)

vulnerable : false (boolean)

}

12 : { »

criteria : cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:* (string)

matchCriteriaId : EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000 (string)

vulnerable : false (boolean)

}

13 : { »

criteria : cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:* (string)

matchCriteriaId : EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE (string)

vulnerable : false (boolean)

}

14 : { »

criteria : cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:* (string)

matchCriteriaId : AD7DE6B2-66D9-4A3E-B15F-D56505559255 (string)

vulnerable : false (boolean)

}

15 : { »

criteria : cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 1A76806D-A4E3-466A-90CB-E9FFE478E7A0 (string)

vulnerable : false (boolean)

}

16 : { »

criteria : cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:* (string)

matchCriteriaId : BA3D4A45-38EE-4125-AE67-89D1C707F95A (string)

vulnerable : false (boolean)

}

17 : { »

criteria : cpe:2.3:h:mediatek:mt8188t:-:*:*:*:*:*:*:* (string)

matchCriteriaId : A4675A09-0147-4690-8AA1-E3802CA1B3EB (string)

vulnerable : false (boolean)

}

18 : { »

criteria : cpe:2.3:h:mediatek:mt8370:-:*:*:*:*:*:*:* (string)

matchCriteriaId : DA2B6BB9-7544-41A7-BF3A-344AA4CC4B31 (string)

vulnerable : false (boolean)

}

19 : { »

criteria : cpe:2.3:h:mediatek:mt8390:-:*:*:*:*:*:*:* (string)

matchCriteriaId : B774B7D7-B7DD-43A0-833F-7E39DF82CA60 (string)

vulnerable : false (boolean)

}

20 : { »

criteria : cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 152F6606-FA23-4530-AA07-419866B74CB3 (string)

vulnerable : false (boolean)

}

21 : { »

criteria : cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:* (string)

matchCriteriaId : EE302F6F-170E-4350-A8F4-65BE0C50CB78 (string)

vulnerable : false (boolean)

}

22 : { »

criteria : cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 152A5F3D-8004-4649-BDB1-E6F0798AF1CB (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541638; Issue ID: ALPS08541638. (string)

}

1 : { »

lang : es (string)

value : En flashc, existe una posible escritura fuera de los límites debido a la falta de valoración. Esto podría conducir a una escalada local de privilegios con permisos de ejecución de System necesarios. La interacción del usuario no es necesaria para la explotación. ID de parche: ALPS08541638; ID del problema: ALPS08541638. (string)

}

]

id : CVE-2024-20023 (string)

lastModified : 2025-04-22T20:36:44.290 (string)

metrics : { »

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 6.7 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : HIGH (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 0.8 (number)

impactScore : 5.9 (number)

source : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

type : Secondary (string)

}

]

}

published : 2024-03-04T03:15:07.193 (string)

references : [ »

0 : { »

source : security@mediatek.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://corp.mediatek.com/product-security-bulletin/March-2024 (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://corp.mediatek.com/product-security-bulletin/March-2024 (string)

}

]

sourceIdentifier : security@mediatek.com (string)

vulnStatus : Analyzed (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-787 (string)

}

]

source : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

type : Secondary (string)

}

]

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object