CVE-2024-20083

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 14, 2024

Updated: Aug 21, 2024

CWE ID 787

Summary

CVE-2024-20083 is a newly disclosed vulnerability affecting the venc software. This issue involves a missing bounds check leading to a possible out-of-bounds write. If exploited, this vulnerability could grant attackers local privilege escalation with System execution privileges, which means they could gain more control over the affected system without requiring user interaction. The patch IDs for addressing this vulnerability are ALPS08810810 and ALPS08805789, while the internal issue identifier is MSV-1502.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Mediatek Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/xgR_Y1
https://www.cve.org/CVERecord?id=CVE-2024-20083
https://nvd.nist.gov/vuln/detail/CVE-2024-20083

Back to Vulnerability Database

CVE-2024-20083

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations