A vulnerability, which was classified as
critical, was found in
MediaTek MT6768, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8168, MT8183, MT8188, MT8188T, MT8195, MT8195Z, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8666A, MT8666B, MT8667, MT8673, MT8675, MT8676, MT8678, MT8765, MT8766, MT8766Z, MT8768, MT8768A, MT8768B, MT8768T, MT8768Z, MT8781, MT8786, MT8788, MT8788T, MT8788X, MT8788Z, MT8792, MT8795T, MT8796 and MT8798. Affected is an unknown function of the component
atf spm. The manipulation leads to improper privilege management.
This vulnerability is traded as
CVE-2024-20021. It is possible to launch the attack on the local host. There is no exploit available.
It is recommended to apply a patch to fix this issue.