6May
CVE-2024-20021 | MediaTek MT8798 atf spm privileges management (ALPS08584568)
A vulnerability, which was classified as critical, was found in MediaTek MT6768, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8168, MT8183, MT8188, MT8188T, MT8195, MT8195Z, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8666A, MT8666B, MT8667, MT8673, MT8675, MT8676, MT8678, MT8765, MT8766, MT8766Z, MT8768, MT8768A, MT8768B, MT8768T, MT8768Z, MT8781, MT8786, MT8788, MT8788T, MT8788X, MT8788Z, MT8792, MT8795T, MT8796 and MT8798. Affected is an unknown function of the component atf spm. The manipulation leads to improper privilege management. This vulnerability is traded as CVE-2024-20021. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to apply a patch to fix this issue.