CVSS: 6.0EPSS: 0%CPEs: 17EXPL: 0CVE-2024-20024
https://notcve.org/view.php?id=CVE-2024-20024
04 Mar 2024 — In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541635; Issue ID: ALPS08541635. En flashc, existe una posible escritura fuera de los límites debido a la falta de valoración. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-787: Out-of-bounds Write •
CVSS: 8.2EPSS: 0%CPEs: 37EXPL: 0CVE-2024-20005
https://notcve.org/view.php?id=CVE-2024-20005
04 Mar 2024 — In da, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08355599; Issue ID: ALPS08355599. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-276: Incorrect Default Permissions •