CVE-2024-20026

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-20026
In da, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541632; Issue ID: ALPS08541632.

4.2 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 3.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References
Link Resource
https://corp.mediatek.com/product-security-bulletin/March-2024 Vendor Advisory
https://corp.mediatek.com/product-security-bulletin/March-2024 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*
OR cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8512:-:*:*:*:*:*:*:*
History

22 Apr 2025, 20:36

Type Values Removed Values Added
References () https://corp.mediatek.com/product-security-bulletin/March-2024 - () https://corp.mediatek.com/product-security-bulletin/March-2024 - Vendor Advisory
CWE NVD-CWE-noinfo
First Time Mediatek mt6873
Mediatek mt6763
Mediatek mt6771
Mediatek mt6885
Mediatek mt8512
Mediatek mt6833
Mediatek mt6893
Mediatek mt6877
Mediatek mt6779
Mediatek mt8167
Mediatek mt6853
Mediatek mt8168
Mediatek
Mediatek mt6765
Google
Mediatek mt6761
Mediatek mt6757
Mediatek mt8163
Mediatek mt6739
Google android
Mediatek mt6785
Mediatek mt6768
CPE cpe:2.3:h:mediatek:mt8163:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6757:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8512:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*
Information

Published : 2024-03-04 03:15

Updated : 2025-04-22 20:36

NVD link : CVE-2024-20026

Mitre link : CVE-2024-20026

CVE.ORG link : CVE-2024-20026

JSON object : View

Products Affected

mediatek

  • mt8168
  • mt8163
  • mt6873
  • mt6763
  • mt6771
  • mt6853
  • mt6779
  • mt6761
  • mt6885
  • mt6768
  • mt6757
  • mt8167
  • mt6893
  • mt6739
  • mt6765
  • mt6785
  • mt8512
  • mt6833
  • mt6877

google

  • android
CWE
NVD-CWE-noinfo