Vulnerability Details CVE-2024-20021
In atf spm, there is a possible way to remap physical memory to virtual memory due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08584568; Issue ID: MSV-1249.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 6.4%
CVSS Severity
CVSS v3 Score 6.7
References
Products affected by CVE-2024-20021
-
cpe:2.3:h:mediatek:mt6768:-
-
cpe:2.3:h:mediatek:mt6781:-
-
cpe:2.3:h:mediatek:mt6785:-
-
cpe:2.3:h:mediatek:mt6833:-
-
cpe:2.3:h:mediatek:mt6853:-
-
cpe:2.3:h:mediatek:mt6873:-
-
cpe:2.3:h:mediatek:mt6877:-
-
cpe:2.3:h:mediatek:mt6885:-
-
cpe:2.3:h:mediatek:mt6893:-
-
cpe:2.3:h:mediatek:mt8168:-
-
cpe:2.3:h:mediatek:mt8183:-
-
cpe:2.3:h:mediatek:mt8188:-
-
cpe:2.3:h:mediatek:mt8188t:-
-
cpe:2.3:h:mediatek:mt8195:-
-
cpe:2.3:h:mediatek:mt8195z:-
-
cpe:2.3:h:mediatek:mt8321:-
-
cpe:2.3:h:mediatek:mt8362a:-
-
cpe:2.3:h:mediatek:mt8365:-
-
cpe:2.3:h:mediatek:mt8385:-
-
cpe:2.3:h:mediatek:mt8666:-
-
cpe:2.3:h:mediatek:mt8666a:-
-
cpe:2.3:h:mediatek:mt8666b:-
-
cpe:2.3:h:mediatek:mt8667:-
-
cpe:2.3:h:mediatek:mt8673:-
-
cpe:2.3:h:mediatek:mt8675:-
-
cpe:2.3:h:mediatek:mt8676:-
-
cpe:2.3:h:mediatek:mt8678:-
-
cpe:2.3:h:mediatek:mt8765:-
-
cpe:2.3:h:mediatek:mt8766:-
-
cpe:2.3:h:mediatek:mt8766z:-
-
cpe:2.3:h:mediatek:mt8768:-
-
cpe:2.3:h:mediatek:mt8768a:-
-
cpe:2.3:h:mediatek:mt8768b:-
-
cpe:2.3:h:mediatek:mt8768t:-
-
cpe:2.3:h:mediatek:mt8768z:-
-
cpe:2.3:h:mediatek:mt8781:-
-
cpe:2.3:h:mediatek:mt8786:-
-
cpe:2.3:h:mediatek:mt8788:-
-
cpe:2.3:h:mediatek:mt8788t:-
-
cpe:2.3:h:mediatek:mt8788x:-
-
cpe:2.3:h:mediatek:mt8788z:-
-
cpe:2.3:h:mediatek:mt8792:-
-
cpe:2.3:h:mediatek:mt8795t:-
-
cpe:2.3:h:mediatek:mt8796:-
-
cpe:2.3:h:mediatek:mt8798:-
-
cpe:2.3:o:google:android:12.0
-
cpe:2.3:o:google:android:13.0
-
cpe:2.3:o:google:android:14.0