{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T22:04:24.496","vulnerabilities":[{"cve":{"id":"CVE-2024-20020","sourceIdentifier":"security@mediatek.com","published":"2024-03-04T03:15:07.107","lastModified":"2025-03-28T20:15:20.563","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In OPTEE, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08522504; Issue ID: ALPS08522504."},{"lang":"es","value":"En OPTEE, existe una posible escritura fuera de los límites debido a una verificación de los límites incorrecta. Esto podría conducir a la divulgación de información local con privilegios de ejecución de System necesarios. La interacción del usuario no es necesaria para la explotación. ID de parche: ALPS08522504; ID del problema: ALPS08522504."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:13.0:-:*:*:*:*:*:*","matchCriteriaId":"08A26AC2-409E-499A-B0D5-8C2B5038947D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt2713:-:*:*:*:*:*:*:*","matchCriteriaId":"7D1135F9-E38C-4308-BD32-A4D83959282E"},{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt2715:-:*:*:*:*:*:*:*","matchCriteriaId":"FA252F20-1BB7-4654-972C-F257F37396A7"},{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8173:-:*:*:*:*:*:*:*","matchCriteriaId":"4452EFCF-5733-40A0-8726-F8E33E569411"},{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8188:-:*:*:*:*:*:*:*","matchCriteriaId":"BA3D4A45-38EE-4125-AE67-89D1C707F95A"},{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*","matchCriteriaId":"ED210E64-6CE7-42B1-849E-68C0E22521F6"},{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8390:-:*:*:*:*:*:*:*","matchCriteriaId":"B774B7D7-B7DD-43A0-833F-7E39DF82CA60"},{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*","matchCriteriaId":"D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89"}]}]}],"references":[{"url":"https://corp.mediatek.com/product-security-bulletin/March-2024","source":"security@mediatek.com","tags":["Vendor Advisory"]},{"url":"https://corp.mediatek.com/product-security-bulletin/March-2024","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}