CVE-2024-20057

May 6, 2024, 12:44 p.m.

Tags

CWE-787
2024-05-06
security@mediatek.com
CVE-2024-20057

Product(s) Impacted

UNKNOWN

MediaTek KeyInstall Tool

Description

In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08587881; Issue ID: ALPS08587881.

Weaknesses

Date

Published: May 6, 2024, 3:15 a.m.

Last Modified: May 6, 2024, 12:44 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

security@mediatek.com

References

https://corp.mediatek.com/product-security-bulletin/May-2024
security@mediatek.com