CVE-2024-20080 | MediaTek MT8678 Gnss Service certificate validation (MSV-1424 / ALPS08720039)

A vulnerability classified as critical has been found in MediaTek MT2735, MT2737, MT6761, MT6765, MT6768, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6980, MT6983, MT6985, MT6989, MT6990, MT8666, MT8667, MT8673, MT8676 and MT8678. This affects an unknown part of the component Gnss Service. The manipulation leads to improper certificate validation.

This vulnerability is uniquely identified as CVE-2024-20080. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-20080 | MediaTek MT8678 Gnss Service certificate validation (MSV-1424 / ALPS08720039)

Related Posts

CVE-2024-39203 | Z-BlogPHP 1.7.3 Theme Management Module cross site scripting

CVE-2024-33763 | lunasvg 2.3.9 layoutcontext.cpp stack-based overflow

CVE-2024-25003 | KiTTY up to 0.76.1.13 hostname stack-based overflow (ID 177032)

CVE-2023-47075 | Adobe Illustrator 2023/Illustrator 2024 up to 27.9.0/28.0 use after free (apsb23-68)