#VU87949 Improper Check or Handling of Exceptional Conditions in MediaTek products - CVE-2024-20041
Published: April 1, 2024
Vulnerability identifier: #VU87949
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2024-20041
CWE-ID: CWE-703
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
MT2713
MT6789
MT6835
MT6855
MT6879
MT6886
MT6895
MT6983
MT6985
MT6989
MT8188
MT8673
MT8676
MT8781
MT6781
MT2713
MT6789
MT6835
MT6855
MT6879
MT6886
MT6895
MT6983
MT6985
MT6989
MT8188
MT8673
MT8676
MT8781
MT6781
Software vendor:
MediaTek
MediaTek
Description
The vulnerability allows a local privileged application to gain access to sensitive information.
The vulnerability exists due to a missing bounds check within da. A local privileged application can gain access to sensitive information.
Remediation
Install security update from vendor's website.