CVE-2024-20046 - Vulnerability Details

In battery, there is a possible escalation of privilege due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08485622; Issue ID: ALPS08485622.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Google	Android
Mediatek	Mt6761 Mt6765 Mt6768 Mt6789 Mt6833 Mt6855 Mt6895 Mt8167 Mt8168 Mt8188 Mt8321 Mt8765 Mt8766 Mt8768 Mt8781 Mt8786 Mt8788 Mt8789 Mt8791t Mt8797 Mt8798

Configuration 1 [-]

AND

cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*

OR	cpe:2.3:h:mediatek:mt6761:-:::::::*
	cpe:2.3:h:mediatek:mt6765:-:::::::*
	cpe:2.3:h:mediatek:mt6768:-:::::::*
	cpe:2.3:h:mediatek:mt6789:-:::::::*
	cpe:2.3:h:mediatek:mt6833:-:::::::*
	cpe:2.3:h:mediatek:mt6855:-:::::::*
	cpe:2.3:h:mediatek:mt6895:-:::::::*
	cpe:2.3:h:mediatek:mt8167:-:::::::*
	cpe:2.3:h:mediatek:mt8168:-:::::::*
	cpe:2.3:h:mediatek:mt8188:-:::::::*
	cpe:2.3:h:mediatek:mt8321:-:::::::*
	cpe:2.3:h:mediatek:mt8765:-:::::::*
	cpe:2.3:h:mediatek:mt8766:-:::::::*
	cpe:2.3:h:mediatek:mt8768:-:::::::*
	cpe:2.3:h:mediatek:mt8781:-:::::::*
	cpe:2.3:h:mediatek:mt8786:-:::::::*
	cpe:2.3:h:mediatek:mt8788:-:::::::*
	cpe:2.3:h:mediatek:mt8789:-:::::::*
	cpe:2.3:h:mediatek:mt8791t:-:::::::*
	cpe:2.3:h:mediatek:mt8797:-:::::::*
	cpe:2.3:h:mediatek:mt8798:-:::::::*

No data.

References

Link	Providers
https://corp.mediatek.com/product-security-bulletin/April-2024

History

Wed, 23 Apr 2025 14:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Google Google android Mediatek Mediatek mt6761 Mediatek mt6765 Mediatek mt6768 Mediatek mt6789 Mediatek mt6833 Mediatek mt6855 Mediatek mt6895 Mediatek mt8167 Mediatek mt8168 Mediatek mt8188 Mediatek mt8321 Mediatek mt8765 Mediatek mt8766 Mediatek mt8768 Mediatek mt8781 Mediatek mt8786 Mediatek mt8788 Mediatek mt8789 Mediatek mt8791t Mediatek mt8797 Mediatek mt8798
CPEs		cpe:2.3:h:mediatek:mt6761:-:::::::* cpe:2.3:h:mediatek:mt6765:-:::::::* cpe:2.3:h:mediatek:mt6768:-:::::::* cpe:2.3:h:mediatek:mt6789:-:::::::* cpe:2.3:h:mediatek:mt6833:-:::::::* cpe:2.3:h:mediatek:mt6855:-:::::::* cpe:2.3:h:mediatek:mt6895:-:::::::* cpe:2.3:h:mediatek:mt8167:-:::::::* cpe:2.3:h:mediatek:mt8168:-:::::::* cpe:2.3:h:mediatek:mt8188:-:::::::* cpe:2.3:h:mediatek:mt8321:-:::::::* cpe:2.3:h:mediatek:mt8765:-:::::::* cpe:2.3:h:mediatek:mt8766:-:::::::* cpe:2.3:h:mediatek:mt8768:-:::::::* cpe:2.3:h:mediatek:mt8781:-:::::::* cpe:2.3:h:mediatek:mt8786:-:::::::* cpe:2.3:h:mediatek:mt8788:-:::::::* cpe:2.3:h:mediatek:mt8789:-:::::::* cpe:2.3:h:mediatek:mt8791t:-:::::::* cpe:2.3:h:mediatek:mt8797:-:::::::* cpe:2.3:h:mediatek:mt8798:-:::::::* cpe:2.3:o:google:android:12.0:::::::*
Vendors & Products		Google Google android Mediatek Mediatek mt6761 Mediatek mt6765 Mediatek mt6768 Mediatek mt6789 Mediatek mt6833 Mediatek mt6855 Mediatek mt6895 Mediatek mt8167 Mediatek mt8168 Mediatek mt8188 Mediatek mt8321 Mediatek mt8765 Mediatek mt8766 Mediatek mt8768 Mediatek mt8781 Mediatek mt8786 Mediatek mt8788 Mediatek mt8789 Mediatek mt8791t Mediatek mt8797 Mediatek mt8798

MITRE

Status: PUBLISHED

Assigner: MediaTek

Published: 2024-04-01T02:35:05.911Z

Updated: 2024-08-01T21:52:31.553Z

Reserved: 2023-11-02T13:35:35.157Z

Link: CVE-2024-20046

Vulnrichment

Updated: 2024-08-01T21:52:31.553Z

NVD

Status : Analyzed

Published: 2024-04-01T03:15:08.177

Modified: 2025-04-23T13:47:56.393

Link: CVE-2024-20046

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object