VYPR
← All advisories
Unrated severityNVD Advisory· Published Feb 5, 2024· Updated Jun 20, 2025

CVE-2024-20013

CVE-2024-20013

Description

In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08471742; Issue ID: ALPS08308608.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Out-of-bounds write in MediaTek keyInstall allows local escalation of privilege with System privileges, no user interaction needed.

Vulnerability

In the keyInstall function of MediaTek chipsets, a missing bounds check leads to an out-of-bounds write. This vulnerability affects devices running Android 11.0, OpenWrt 19.07/21.02, or RDK-B 22Q3 on chipsets such as MT2713, MT6781, MT6880, MT6890, and MT8188T [1]. The issue is identified by Patch ID ALPS08471742 and Issue ID ALPS08308608.

Exploitation

An attacker must already possess System execution privileges to exploit this vulnerability. No user interaction is required. The attacker can trigger the out-of-bounds write by invoking the vulnerable keyInstall function, leading to memory corruption.

Impact

Successful exploitation allows the attacker to escalate privileges further, potentially achieving arbitrary code execution in the kernel context. This compromises the confidentiality, integrity, and availability of the system.

Mitigation

MediaTek has released a patch (ALPS08471742) as part of the February 2024 Product Security Bulletin [1]. Device manufacturers are advised to apply the patch to affected firmware. No workaround is available; users should update their devices when the OEM provides the update.

References
  1. February 2024

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • Mediatek/keyInstallllm-fuzzy
  • MediaTek, Inc./MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797, MT8798v5
    Range: Android 11.0, 12.0, 13.0, 14.0

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.