Mediatek

Mt6885

59 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2024-20080

  • EPSS 2.36%
  • Veröffentlicht 01.07.2024 05:15:04
  • Zuletzt bearbeitet 28.05.2025 20:12:04

In gnss service, there is a possible escalation of privilege due to improper certificate validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Pa...

6.6

CVE-2024-20074

  • EPSS 0.13%
  • Veröffentlicht 03.06.2024 02:15:09
  • Zuletzt bearbeitet 25.04.2025 18:37:43

In dmc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08668110; Issue ID...

5.1

CVE-2024-20070

  • EPSS 0.34%
  • Veröffentlicht 03.06.2024 02:15:09
  • Zuletzt bearbeitet 25.04.2025 18:38:13

In modem, there is a possible information disclosure due to using risky cryptographic algorithm during connection establishment negotiation. This could lead to remote information disclosure, when weak encryption algorithm is used, with no additional ...

6.5

CVE-2024-20069

  • EPSS 0.75%
  • Veröffentlicht 03.06.2024 02:15:08
  • Zuletzt bearbeitet 25.04.2025 18:38:24

In modem, there is a possible selection of less-secure algorithm during the VoWiFi IKE due to a missing DH downgrade check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not neede...

4

CVE-2024-20065

  • EPSS 0.05%
  • Veröffentlicht 03.06.2024 02:15:08
  • Zuletzt bearbeitet 25.04.2025 18:39:04

In telephony, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALP...

5.9

CVE-2024-20060

  • EPSS 0.02%
  • Veröffentlicht 06.05.2024 03:15:09
  • Zuletzt bearbeitet 30.04.2025 16:38:52

In da, there is a possible escalation of privilege due to an incorrect status check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541749; Is...

6.7

CVE-2024-20059

  • EPSS 0.01%
  • Veröffentlicht 06.05.2024 03:15:09
  • Zuletzt bearbeitet 30.04.2025 16:39:40

In da, there is a possible escalation of privilege due to an incorrect status check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541749; Is...

7.2

CVE-2024-20057

  • EPSS 0.04%
  • Veröffentlicht 06.05.2024 03:15:09
  • Zuletzt bearbeitet 30.04.2025 16:40:40

In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08587881; I...

6.7

CVE-2024-20056

  • EPSS 0.01%
  • Veröffentlicht 06.05.2024 03:15:09
  • Zuletzt bearbeitet 30.04.2025 16:41:39

In preloader, there is a possible escalation of privilege due to an insecure default value. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08528...

6.7

CVE-2024-20021

  • EPSS 0.03%
  • Veröffentlicht 06.05.2024 03:15:09
  • Zuletzt bearbeitet 30.04.2025 16:42:17

In atf spm, there is a possible way to remap physical memory to virtual memory due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ...