Vulnerabilities > CVE-2024-20022

CVSS 6.7 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

NVD

Published: 2024-03-04

Updated: 2025-01-30

Summary

In lk, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08528255; Issue ID: ALPS08528255.

Vulnerable Configurations

Part	Description	Count
Application	Linuxfoundation Linuxfoundation Yocto 3.3	1
Application	Rdkcentral Rdkcentral Rdkb 2022Q3	1
OS	Google Google Android 12.0 Google Android 13.0 Google Android 14.0	3
OS	Openwrt Openwrt Openwrt 19.07.0 Openwrt Openwrt 21.02.0	2
Hardware	Mediatek Mediatek Mt2737 - Mediatek Mt6789 - Mediatek Mt6835 - Mediatek Mt6855 - Mediatek Mt6879 - Mediatek Mt6880 - Mediatek Mt6886 - Mediatek Mt6890 - Mediatek Mt6895 - Mediatek Mt6980 - Mediatek Mt6983 - Mediatek Mt6985 - Mediatek Mt6989 - Mediatek Mt6990 - Mediatek Mt8321 - Mediatek Mt8385 - Mediatek Mt8666 - Mediatek Mt8667 - Mediatek Mt8673 - Mediatek Mt8765 - Mediatek Mt8766 - Mediatek Mt8768 - Mediatek Mt8781 - Mediatek Mt8786 - Mediatek Mt8788 - Mediatek Mt8789 - Mediatek Mt8791 - Mediatek Mt8796 - Mediatek Mt8797 - Mediatek Mt8798 -	30

Vulnerabilities > CVE-2024-20022 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2024-20022"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2024-20022