Out of Bounds Write Vulnerability in MediaTek V6 DA Products
CVE-2024-20145
Key Information:
- Vendor
MediaTek
- Vendor
- CVE Published:
- 6 January 2025
What is CVE-2024-20145?
A potential out of bounds write vulnerability exists in MediaTek's V6 DA due to an inadequate bounds check. This flaw may allow a local attacker who has physical access to the device to escalate privileges without needing any additional execution permissions. Successful exploitation requires user interaction, making it essential for users to be vigilant about device security. For mitigation, it is recommended to apply the available patches and updates. For more details, refer to the official security bulletin.
Affected Version(s)
MT2737, MT6781, MT6789, MT6835, MT6855, MT6878, MT6879, MT6880, MT6886, MT6890, MT6895, MT6897, MT6980, MT6983, MT6985, MT6989, MT6990, MT8676 Android 14.0, 15.0 / openWRT 19.07, 21.02, 23.05 / Yocto 4.0 / RDK-B 22Q3, 24Q1