CVE-2024-20021 | MediaTek MT8798 atf spm privileges management (ALPS08584568)

A vulnerability, which was classified as critical, was found in MediaTek MT6768, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8168, MT8183, MT8188, MT8188T, MT8195, MT8195Z, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8666A, MT8666B, MT8667, MT8673, MT8675, MT8676, MT8678, MT8765, MT8766, MT8766Z, MT8768, MT8768A, MT8768B, MT8768T, MT8768Z, MT8781, MT8786, MT8788, MT8788T, MT8788X, MT8788Z, MT8792, MT8795T, MT8796 and MT8798. Affected is an unknown function of the component atf spm. The manipulation leads to improper privilege management.

This vulnerability is traded as CVE-2024-20021. It is possible to launch the attack on the local host. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-20021 | MediaTek MT8798 atf spm privileges management (ALPS08584568)

Post correlati

CVE-2024-1804 | Tutor LMS Plugin up to 2.2.0 on WordPress tutor_import_from_xml authorization

CVE-2023-5880 | The Genie Company Aladdin Connect up to 14.1.1 Garage Door Control Module Setup Page cross site scripting

CVE-2024-42547 | TOTOLINK A3100R 4.1.2cu.5050_B20200504 loginauth http_host buffer overflow

CVE-2024-1567 | Royal Elementor Addons and Templates Plugin up to 1.3.94 on WordPress unrestricted upload