Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-20080

In gnss service, there is a possible escalation of privilege due to improper certificate validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08720039; Issue ID: MSV-1424.

Published

2024-07-01T05:15:04.430

Last Modified

2025-05-28T20:12:04.643

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses
  • Type: Secondary
    CWE-295
  • Type: Primary
    CWE-295
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application linuxfoundation yocto 2.6 Yes
Application linuxfoundation yocto 3.3 Yes
Application linuxfoundation yocto 4.0 Yes
Application rdkcentral rdk-b 2022q3 Yes
Operating System google android 13.0 Yes
Operating System google android 14.0 Yes
Hardware mediatek mt2735 - No
Hardware mediatek mt2737 - No
Hardware mediatek mt6761 - No
Hardware mediatek mt6765 - No
Hardware mediatek mt6768 - No
Hardware mediatek mt6781 - No
Hardware mediatek mt6785 - No
Hardware mediatek mt6789 - No
Hardware mediatek mt6833 - No
Hardware mediatek mt6853 - No
Hardware mediatek mt6853t - No
Hardware mediatek mt6855 - No
Hardware mediatek mt6873 - No
Hardware mediatek mt6875 - No
Hardware mediatek mt6877 - No
Hardware mediatek mt6879 - No
Hardware mediatek mt6880 - No
Hardware mediatek mt6883 - No
Hardware mediatek mt6885 - No
Hardware mediatek mt6886 - No
Hardware mediatek mt6889 - No
Hardware mediatek mt6890 - No
Hardware mediatek mt6891 - No
Hardware mediatek mt6893 - No
Hardware mediatek mt6895 - No
Hardware mediatek mt6980 - No
Hardware mediatek mt6983 - No
Hardware mediatek mt6985 - No
Hardware mediatek mt6989 - No
Hardware mediatek mt6990 - No
Hardware mediatek mt8666 - No
Hardware mediatek mt8667 - No
Hardware mediatek mt8673 - No
Hardware mediatek mt8676 - No
Hardware mediatek mt8678 - No
References