In Modem, there is a possible escalation of privilege due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01395886; Issue ID: MSV-1871.
History

Mon, 02 Dec 2024 16:15:00 +0000

Type Values Removed Values Added
First Time appeared Mediatek
Mediatek mt6879
Mediatek mt6886
Mediatek mt6895
Mediatek mt6895t
Mediatek mt6896
Mediatek mt6980
Mediatek mt6983
Mediatek mt8673
Mediatek mt8676
Mediatek mt8795t
Mediatek mt8798
CPEs cpe:2.3:h:mediatek:mt6879:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6895t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6896:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6980:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8673:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8676:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8795t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*
Vendors & Products Mediatek
Mediatek mt6879
Mediatek mt6886
Mediatek mt6895
Mediatek mt6895t
Mediatek mt6896
Mediatek mt6980
Mediatek mt6983
Mediatek mt8673
Mediatek mt8676
Mediatek mt8795t
Mediatek mt8798
Metrics cvssV3_1

{'score': 6.7, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 02 Dec 2024 03:30:00 +0000

Type Values Removed Values Added
Description In Modem, there is a possible escalation of privilege due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01395886; Issue ID: MSV-1871.
Weaknesses CWE-787
References

cve-icon MITRE

Status: PUBLISHED

Assigner: MediaTek

Published: 2024-12-02T03:07:05.067Z

Updated: 2024-12-03T04:55:30.550Z

Reserved: 2023-11-02T13:35:35.181Z

Link: CVE-2024-20133

cve-icon Vulnrichment

Updated: 2024-12-02T15:46:12.261Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-12-02T04:15:05.567

Modified: 2024-12-02T16:15:07.737

Link: CVE-2024-20133

cve-icon Redhat

No data.