9.8

CVE-2024-20078

In venc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08737250; Issue ID: MSV-1452.

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users.
Data is provided by the National Vulnerability Database (NVD)
GoogleAndroid Version12.0
   MediatekMt6768 Version-
   MediatekMt6779 Version-
   MediatekMt8321 Version-
   MediatekMt8385 Version-
   MediatekMt8755 Version-
   MediatekMt8765 Version-
   MediatekMt8766 Version-
   MediatekMt8768 Version-
   MediatekMt8771 Version-
   MediatekMt8775 Version-
   MediatekMt8781 Version-
   MediatekMt8786 Version-
   MediatekMt8788 Version-
   MediatekMt8789 Version-
   MediatekMt8791t Version-
   MediatekMt8792 Version-
   MediatekMt8795t Version-
   MediatekMt8796 Version-
   MediatekMt8797 Version-
   MediatekMt8798 Version-
GoogleAndroid Version13.0
   MediatekMt6768 Version-
   MediatekMt6779 Version-
   MediatekMt8321 Version-
   MediatekMt8385 Version-
   MediatekMt8755 Version-
   MediatekMt8765 Version-
   MediatekMt8766 Version-
   MediatekMt8768 Version-
   MediatekMt8771 Version-
   MediatekMt8775 Version-
   MediatekMt8781 Version-
   MediatekMt8786 Version-
   MediatekMt8788 Version-
   MediatekMt8789 Version-
   MediatekMt8791t Version-
   MediatekMt8792 Version-
   MediatekMt8795t Version-
   MediatekMt8796 Version-
   MediatekMt8797 Version-
   MediatekMt8798 Version-
GoogleAndroid Version14.0
   MediatekMt6768 Version-
   MediatekMt6779 Version-
   MediatekMt8321 Version-
   MediatekMt8385 Version-
   MediatekMt8755 Version-
   MediatekMt8765 Version-
   MediatekMt8766 Version-
   MediatekMt8768 Version-
   MediatekMt8771 Version-
   MediatekMt8775 Version-
   MediatekMt8781 Version-
   MediatekMt8786 Version-
   MediatekMt8788 Version-
   MediatekMt8789 Version-
   MediatekMt8791t Version-
   MediatekMt8792 Version-
   MediatekMt8795t Version-
   MediatekMt8796 Version-
   MediatekMt8797 Version-
   MediatekMt8798 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.21% 0.44
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-843 Access of Resource Using Incompatible Type ('Type Confusion')

The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.