cve/2024/CVE-2024-20036.md

### [CVE-2024-20036](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20036)
![](https://img.shields.io/static/v1?label=Product&message=MT6835%2C%20MT6855%2C%20MT6879%2C%20MT6886%2C%20MT6895%2C%20MT6983%2C%20MT6985%2C%20MT8792%2C%20MT8796%2C%20MT8798&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20Android%2012.0%2C%2013.0%2C%2014.0%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20Disclosure&color=brighgreen)

### Description

In vdec, there is a possible permission bypass due to a permissions bypass. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08509508; Issue ID: ALPS08509508.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds