Login Sign Up

CVE-2024-20043

6.6 MEDIUM

📋 TL;DR

This CVE describes an out-of-bounds write vulnerability in MediaTek's 'da' component due to missing bounds checks. It allows local privilege escalation to System privileges without requiring user interaction. Affected systems include devices using vulnerable MediaTek chipsets.

💻 Affected Systems

Products:
  • MediaTek chipsets with vulnerable 'da' component
Versions: Specific versions not publicly detailed in bulletin
Operating Systems: Android-based systems using MediaTek chipsets
Default Config Vulnerable: ⚠️ Yes
Notes: Affects devices using MediaTek chipsets with the vulnerable 'da' component. Exact device models not specified in available references.

📦 What is this software?

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

⚠️ Risk & Real-World Impact

🔴

Worst Case

An attacker with local access could gain System-level privileges, potentially compromising the entire device, installing persistent malware, or accessing sensitive data.

🟠

Likely Case

Local privilege escalation allowing attackers to bypass security controls and execute arbitrary code with elevated permissions.

🟢

If Mitigated

With proper patching and security controls, the risk is reduced to minimal, though the vulnerability remains present in unpatched systems.

🌐 Internet-Facing: LOW
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access and System execution privileges initially. No public exploit code is known at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patch ID: ALPS08541781

Vendor Advisory: https://corp.mediatek.com/product-security-bulletin/April-2024

Restart Required: Yes

Instructions:

1. Check device manufacturer for security updates. 2. Apply the April 2024 MediaTek security patch. 3. Reboot device after patch installation.

🔧 Temporary Workarounds

Restrict local access

all

Limit physical and remote local access to vulnerable devices to reduce attack surface.

🧯 If You Can't Patch

  • Implement strict access controls to prevent unauthorized local access.
  • Monitor for suspicious privilege escalation attempts and unusual system behavior.

🔍 How to Verify

Check if Vulnerable:

Check device security patch level in Android settings. If before April 2024 MediaTek patch, likely vulnerable.

Check Version:

On Android: Settings > About phone > Android security patch level

Verify Fix Applied:

Verify security patch level includes April 2024 MediaTek updates. Confirm patch ID ALPS08541781 is applied.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected privilege escalation events
  • Suspicious 'da' process behavior
  • Kernel or system service crashes

Network Indicators:

  • Local privilege escalation typically has minimal network indicators

SIEM Query:

Search for events indicating privilege escalation from user to system level on Android devices with MediaTek chipsets.

📊 Metadata

CVE ID: CVE-2024-20043
CVSS v3 Score: 6.6 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-787
Published: April 1, 2024
Last Updated: April 23, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-20043, you might also want to check these:

CVE-2019-5684 10.0

This vulnerability in NVIDIA Windows GPU Display Drivers allows specially crafted DirectX shaders to...

Same vulnerability type (CWE-787)
CVE-2022-43604 10.0

CVE-2022-43604 is a critical out-of-bounds write vulnerability in the OpENer EtherNet/IP stack that ...

Same vulnerability type (CWE-787)
CVE-2018-6692 10.0

This vulnerability allows remote attackers to execute arbitrary code on Belkin Wemo Insight Smart Pl...

Same vulnerability type (CWE-787)