Out of Bounds Write Vulnerability in MediaTek Products
CVE-2024-20025

Currently unrated

Key Information:

Vendor: MediaTek
Status: Mt6739, Mt6757, Mt6761, Mt6763, Mt6765, Mt6768, Mt6771, Mt6779, Mt6785, Mt6833, Mt6853, Mt6873, Mt6877, Mt6885, Mt6893, Mt8167, Mt8168, Mt8173, Mt8175, Mt8185, Mt8195, Mt8321, Mt8362a, Mt8365, Mt8385, Mt8395, Mt8666, Mt8673, Mt8678, Mt8765, Mt8766, Mt8768, Mt8781, Mt8786, Mt8788, Mt8789, Mt8791, Mt8791t, Mt8796, Mt8797, Mt8798
Vendor: CVE Published:; 4 March 2024

Summary

A potential out of bounds write issue has been identified in MediaTek software due to an integer overflow. This vulnerability could allow local escalation of privileges, enabling an attacker to execute system-level commands without user interaction. It is crucial for users of affected MediaTek devices to apply the necessary patches to mitigate this risk.

Affected Version(s)

MT6739, MT6757, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8167, MT8168, MT8173, MT8175, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8395, MT8666, MT8673, MT8678, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8796, MT8797, MT8798 Android 12.0, 13.0, 14.0

References

https://corp.mediatek.com/product-security-bulletin/March...

Timeline

Vulnerability published
Mar 4, 2024
Vulnerability Reserved
Nov 2, 2023