Login Sign Up

CVE-2024-20057

7.2 HIGH

📋 TL;DR

CVE-2024-20057 is a memory corruption vulnerability in MediaTek's keyInstall component where missing bounds checks allow out-of-bounds writes. This enables local privilege escalation to SYSTEM level without requiring user interaction. The vulnerability affects MediaTek-based Android devices.

💻 Affected Systems

Products:
  • MediaTek-based Android devices
Versions: Specific MediaTek chipset firmware versions (exact versions not specified in bulletin)
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Affects devices using MediaTek chipsets with vulnerable keyInstall implementation. Exact device models not specified in the provided bulletin.

📦 What is this software?

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete device compromise with SYSTEM privileges, allowing attackers to install persistent malware, access all user data, and bypass security controls.

🟠

Likely Case

Local privilege escalation from a compromised app or user session to SYSTEM privileges, enabling further exploitation of the device.

🟢

If Mitigated

Limited impact if proper application sandboxing and SELinux policies are enforced, though SYSTEM access would still be achievable.

🌐 Internet-Facing: LOW - This is a local privilege escalation vulnerability requiring initial access to the device.
🏢 Internal Only: HIGH - Once an attacker gains initial access to a device (through malware or physical access), they can exploit this to gain SYSTEM privileges.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and SYSTEM execution privileges to exploit, but no user interaction needed. Memory corruption vulnerabilities often have reliable exploitation paths.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patch ID: ALPS08587881

Vendor Advisory: https://corp.mediatek.com/product-security-bulletin/May-2024

Restart Required: Yes

Instructions:

1. Check with device manufacturer for firmware updates. 2. Apply the May 2024 MediaTek security patch. 3. Reboot device after update installation.

🔧 Temporary Workarounds

Restrict local access

all

Limit physical and remote access to devices to reduce attack surface

🧯 If You Can't Patch

  • Isolate affected devices from critical networks and data
  • Implement strict application whitelisting and monitoring for privilege escalation attempts

🔍 How to Verify

Check if Vulnerable:

Check device firmware version and compare against MediaTek's May 2024 security bulletin. Look for patch ID ALPS08587881 in installed updates.

Check Version:

On Android: Settings > About Phone > Build Number / Software Information

Verify Fix Applied:

Verify that the May 2024 MediaTek security patch with ID ALPS08587881 is installed on the device.

📡 Detection & Monitoring

Log Indicators:

  • Unusual privilege escalation attempts in system logs
  • Suspicious access to keyInstall component

Network Indicators:

  • Not applicable - local vulnerability

SIEM Query:

Not applicable - requires device-level monitoring rather than network detection

📊 Metadata

CVE ID: CVE-2024-20057
CVSS v3 Score: 7.2 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-787
Published: May 6, 2024
Last Updated: April 30, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-20057, you might also want to check these:

CVE-2019-5684 10.0

This vulnerability in NVIDIA Windows GPU Display Drivers allows specially crafted DirectX shaders to...

Same vulnerability type (CWE-787)
CVE-2022-43604 10.0

CVE-2022-43604 is a critical out-of-bounds write vulnerability in the OpENer EtherNet/IP stack that ...

Same vulnerability type (CWE-787)
CVE-2019-5049 10.0

This vulnerability allows an attacker to execute arbitrary code on systems with vulnerable AMD graph...

Same vulnerability type (CWE-787)