Products
UNKNOWN
Source
security@mediatek.com
Tags
CVE-2024-20080 details
Published : July 1, 2024, 5:15 a.m.
Last Modified : July 1, 2024, 12:37 p.m.
Last Modified : July 1, 2024, 12:37 p.m.
Description
In gnss service, there is a possible escalation of privilege due to improper certificate validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08720039; Issue ID: MSV-1424.
CVSS Score
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|---|---|
CWE-295 | Improper Certificate Validation | The product does not validate, or incorrectly validates, a certificate. |
References
URL | Source |
---|---|
https://corp.mediatek.com/product-security-bulletin/July-2024 | security@mediatek.com |
This website uses the NVD API, but is not approved or certified by it.