{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-20002", "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "state": "PUBLISHED", "assignerShortName": "MediaTek", "dateReserved": "2023-11-02T13:35:35.146Z", "datePublished": "2024-02-05T05:59:42.613Z", "dateUpdated": "2025-06-17T13:34:19.277Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "shortName": "MediaTek", "dateUpdated": "2024-02-05T05:59:42.613Z"}, "descriptions": [{"lang": "en", "value": "In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961715; Issue ID: DTV03961715."}], "affected": [{"vendor": "MediaTek, Inc.", "product": "MT5583, MT5586, MT5691, MT5695, MT5696, MT9010, MT9011, MT9012, MT9015, MT9016, MT9020, MT9021, MT9022, MT9025, MT9026, MT9216, MT9218, MT9220, MT9221, MT9222, MT9255, MT9256, MT9266, MT9269, MT9286, MT9288, MT9602, MT9603, MT9610, MT9611, MT9612, MT9613, MT9615, MT9617, MT9618, MT9629, MT9630, MT9631, MT9632, MT9633, MT9636, MT9638, MT9639, MT9649, MT9650, MT9652, MT9653, MT9660, MT9666, MT9667, MT9669, MT9671, MT9675, MT9679, MT9685, MT9686, MT9688, MT9689", "versions": [{"version": "Android 11.0, 12.0, 13.0, 14.0", "status": "affected"}]}], "references": [{"url": "https://corp.mediatek.com/product-security-bulletin/February-2024"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "Elevation of Privilege"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:52:31.242Z"}, "title": "CVE Program Container", "references": [{"url": "https://corp.mediatek.com/product-security-bulletin/February-2024", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-787", "lang": "en", "description": "CWE-787 Out-of-bounds Write"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-06-17T13:33:19.502224Z", "id": "CVE-2024-20002", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-17T13:34:19.277Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://corp.mediatek.com/product-security-bulletin/February-2024", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:52:31.242Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-20002", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-06-17T13:33:19.502224Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-17T13:33:49.959Z"}}], "cna": {"affected": [{"vendor": "MediaTek, Inc.", "product": "MT5583, MT5586, MT5691, MT5695, MT5696, MT9010, MT9011, MT9012, MT9015, MT9016, MT9020, MT9021, MT9022, MT9025, MT9026, MT9216, MT9218, MT9220, MT9221, MT9222, MT9255, MT9256, MT9266, MT9269, MT9286, MT9288, MT9602, MT9603, MT9610, MT9611, MT9612, MT9613, MT9615, MT9617, MT9618, MT9629, MT9630, MT9631, MT9632, MT9633, MT9636, MT9638, MT9639, MT9649, MT9650, MT9652, MT9653, MT9660, MT9666, MT9667, MT9669, MT9671, MT9675, MT9679, MT9685, MT9686, MT9688, MT9689", "versions": [{"status": "affected", "version": "Android 11.0, 12.0, 13.0, 14.0"}]}], "references": [{"url": "https://corp.mediatek.com/product-security-bulletin/February-2024"}], "descriptions": [{"lang": "en", "value": "In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961715; Issue ID: DTV03961715."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "Elevation of Privilege"}]}], "providerMetadata": {"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "shortName": "MediaTek", "dateUpdated": "2024-02-05T05:59:42.613Z"}}}, "cveMetadata": {"cveId": "CVE-2024-20002", "state": "PUBLISHED", "dateUpdated": "2025-06-17T13:34:19.277Z", "dateReserved": "2023-11-02T13:35:35.146Z", "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "datePublished": "2024-02-05T05:59:42.613Z", "assignerShortName": "MediaTek"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*", "matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt5583:-:*:*:*:*:*:*:*", "matchCriteriaId": "6C394724-3294-4953-85C8-EE3894B5092C", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt5586:-:*:*:*:*:*:*:*", "matchCriteriaId": "E684A498-10F3-4BD8-9935-9ED5933F9157", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt5691:-:*:*:*:*:*:*:*", "matchCriteriaId": "96BD96BE-10BC-4C7E-8A48-C7CB08A61765", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt5695:-:*:*:*:*:*:*:*", "matchCriteriaId": "75A56009-090B-4101-B000-224412058654", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt5696:-:*:*:*:*:*:*:*", "matchCriteriaId": "8A07610A-173B-4DF2-8DAD-D2FF07EB9A17", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9010:-:*:*:*:*:*:*:*", "matchCriteriaId": "3EC50C1C-A31D-4EDF-AB6A-FA1E92AE7F2A", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9011:-:*:*:*:*:*:*:*", "matchCriteriaId": "CEE06B45-7F23-4EB5-9885-4FCA0FC0D5C5", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9012:-:*:*:*:*:*:*:*", "matchCriteriaId": "CBFB4E04-7BC0-4B48-ABD7-6971E4725895", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9015:-:*:*:*:*:*:*:*", "matchCriteriaId": "354492FD-4052-41F8-805E-55F387AF8F17", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9016:-:*:*:*:*:*:*:*", "matchCriteriaId": "EE1DD6A9-E503-4A8E-92FF-625CD734DBD6", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9020:-:*:*:*:*:*:*:*", "matchCriteriaId": "1EAAF66C-9C81-498B-A0C0-3295CB7324A9", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9021:-:*:*:*:*:*:*:*", "matchCriteriaId": "3E1092AC-60EC-453C-9AA9-8F35A2A6DF92", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9022:-:*:*:*:*:*:*:*", "matchCriteriaId": "350ED16A-35A5-4F54-A01F-6EADE58E5530", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9025:-:*:*:*:*:*:*:*", "matchCriteriaId": "A6133E43-E032-4334-88C7-116B27B3090D", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9026:-:*:*:*:*:*:*:*", "matchCriteriaId": "49437377-6D2F-40FD-8CCF-29179C19D296", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9216:-:*:*:*:*:*:*:*", "matchCriteriaId": "4B45803F-1AD2-47C8-BB9B-276628A0D605", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9218:-:*:*:*:*:*:*:*", "matchCriteriaId": "B028E80F-396F-4898-841D-9E99DE54FAC2", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9220:-:*:*:*:*:*:*:*", "matchCriteriaId": "6FB0DB25-6CFF-4688-B423-6CC0252C3B59", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9221:-:*:*:*:*:*:*:*", "matchCriteriaId": "B9E90123-D7DC-4C68-B2F9-27DCEDED2FC6", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9222:-:*:*:*:*:*:*:*", "matchCriteriaId": "5B250A0A-BE50-45B6-AD72-8EA876F64DD4", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9255:-:*:*:*:*:*:*:*", "matchCriteriaId": "D9C5A33A-7B04-4E14-A268-A717CD2420DA", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9256:-:*:*:*:*:*:*:*", "matchCriteriaId": "FAC84405-17EE-4C25-8477-317F2A6A095F", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9266:-:*:*:*:*:*:*:*", "matchCriteriaId": "85C42802-293E-448B-A059-DFDEF1D97EC2", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9269:-:*:*:*:*:*:*:*", "matchCriteriaId": "F19E7E64-721E-436B-B879-D1EDE5EFF84C", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9286:-:*:*:*:*:*:*:*", "matchCriteriaId": "4CEEB709-8C7B-48AF-B359-9CE9C68790D5", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9288:-:*:*:*:*:*:*:*", "matchCriteriaId": "6081A92B-4361-462A-9F7F-570AC7256CDB", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9602:-:*:*:*:*:*:*:*", "matchCriteriaId": "49ED757E-42DD-4176-B216-915EFD8E2F40", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9603:-:*:*:*:*:*:*:*", "matchCriteriaId": "26696662-6232-458A-A1E1-067CBDB62FA9", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9610:-:*:*:*:*:*:*:*", "matchCriteriaId": "6BA3286D-A136-4EB2-A181-6EF8A556EFDF", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9611:-:*:*:*:*:*:*:*", "matchCriteriaId": "8A9F24C9-2A69-44D9-A16B-E4187230F984", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9612:-:*:*:*:*:*:*:*", "matchCriteriaId": "BD04E099-75F4-48F6-BB8C-28A5D6FB8F60", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9613:-:*:*:*:*:*:*:*", "matchCriteriaId": "E92602E3-1B1B-4683-801D-D151919C63EE", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9615:-:*:*:*:*:*:*:*", "matchCriteriaId": "0AF44498-001B-4A51-AB32-EBC206B14741", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9617:-:*:*:*:*:*:*:*", "matchCriteriaId": "F2E6E130-9F65-482B-AF8B-97DA81FCE19E", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9618:-:*:*:*:*:*:*:*", "matchCriteriaId": "311AFBA9-A0AD-4638-ACFF-0D4AC12FA127", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9629:-:*:*:*:*:*:*:*", "matchCriteriaId": "47E5EE7B-1208-4007-AF87-6DC309FFE312", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9630:-:*:*:*:*:*:*:*", "matchCriteriaId": "9FE404F4-FFAE-4646-9234-15230F0577F1", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9631:-:*:*:*:*:*:*:*", "matchCriteriaId": "CA834B63-F689-48BA-84E6-500351990BFD", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9632:-:*:*:*:*:*:*:*", "matchCriteriaId": "EF1B3B37-22C4-42F4-8264-07512619D706", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9633:-:*:*:*:*:*:*:*", "matchCriteriaId": "5CF26725-1701-40F4-83E9-1A4709B60763", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9636:-:*:*:*:*:*:*:*", "matchCriteriaId": "11B89606-5FD7-4513-984A-16217D37BF4B", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9638:-:*:*:*:*:*:*:*", "matchCriteriaId": "76F4FC23-534B-449A-8344-1F13AE9C8C57", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9639:-:*:*:*:*:*:*:*", "matchCriteriaId": "392C9A58-EAB1-44B5-B189-98C68CC23199", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9649:-:*:*:*:*:*:*:*", "matchCriteriaId": "C1C6E88C-46DD-45AB-88C1-B69FC0E25056", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9650:-:*:*:*:*:*:*:*", "matchCriteriaId": "2D0EF507-52A0-45D1-AC26-97F765E691FC", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9652:-:*:*:*:*:*:*:*", "matchCriteriaId": "C826242C-440E-4D85-841E-570E9C69777C", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9653:-:*:*:*:*:*:*:*", "matchCriteriaId": "63BC3AE7-4180-4B8C-AB69-8AC4F502700D", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9660:-:*:*:*:*:*:*:*", "matchCriteriaId": "DB80E351-B6E5-4571-A603-04A3A6AFB8CB", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9666:-:*:*:*:*:*:*:*", "matchCriteriaId": "1A4E9A32-6267-4AB3-B9A9-BBC79ED2F343", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9667:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD7AC916-FF8D-430D-837C-0587056198AB", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9669:-:*:*:*:*:*:*:*", "matchCriteriaId": "8531FD76-C0C1-45FE-8FDC-26402FF8BFA5", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9671:-:*:*:*:*:*:*:*", "matchCriteriaId": "94F5F738-459C-4316-80AF-1B9C33E0F36B", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9675:-:*:*:*:*:*:*:*", "matchCriteriaId": "046B7E06-8C40-4D37-8D10-4816E51CA143", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9679:-:*:*:*:*:*:*:*", "matchCriteriaId": "717AE700-78CC-4750-92CB-C9293571EC7D", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9685:-:*:*:*:*:*:*:*", "matchCriteriaId": "CFD9AD54-9F0F-414B-8936-3A981657D6AB", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9686:-:*:*:*:*:*:*:*", "matchCriteriaId": "4B429106-36BE-42F2-8D05-FB9EF00BDFBA", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9688:-:*:*:*:*:*:*:*", "matchCriteriaId": "F7D78E76-6A3B-4736-B7E7-C9032CDA845B", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt9689:-:*:*:*:*:*:*:*", "matchCriteriaId": "B84CEB95-BF9E-42E3-90F4-70B1C7EE41A6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961715; Issue ID: DTV03961715."}, {"lang": "es", "value": "En TVAPI, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: DTV03961715; ID del problema: DTV03961715."}], "id": "CVE-2024-20002", "lastModified": "2025-06-17T14:15:28.767", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-02-05T06:15:47.083", "references": [{"source": "security@mediatek.com", "tags": ["Vendor Advisory"], "url": "https://corp.mediatek.com/product-security-bulletin/February-2024"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://corp.mediatek.com/product-security-bulletin/February-2024"}], "sourceIdentifier": "security@mediatek.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}