CVE-2024-20094

10/7/2024 3:15:00 AM
8 ماه قبل
2 ماه قبل
12
Reporter :security@mediatek.com
Modified :10/7/2024 3:15:00 AM
Problem Data :CWE-617,NVD-CWE-noinfo

Description

In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00843282; Issue ID: MSV-1535.

Cvss Version 3.1

7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality Impact None
Integrity Impact None
Availability Impact High

EPSS

Epss Score 0.00182
Epss Percentile 0.40519

ریسک پائین:: این آسیب پذیری احتمال ارائه Exploit پائینی دارد. به روز رسانی و نظارت معمولی را لحاظ نمائید.

پیشنهادات:
  • به بروزرسانی مداوم سیستم و یا شبکه خود ادامه دهید.
  • از بروزرسانی های آتی این آسیب پذیری مطلع شوید.

Affected Products (Configurations)

CPE Vendor Product Version Start Version End
cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:* mediatek mt8771 - *
cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:* mediatek mt8791t - *
cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:* mediatek mt6889 - *
cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:* mediatek mt8791 - *
cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:* mediatek mt6883 - *
cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:* mediatek mt6873 - *
cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:* mediatek mt6885 - *
cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:* mediatek nr15 - *
cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:* mediatek mt6875t - *
cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:* mediatek mt2735 - *
cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:* mediatek mt6891 - *
cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:* mediatek mt8797 - *
cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:* mediatek mt6877 - *
cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:* mediatek mt6855 - *
cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:* mediatek mt6853 - *
cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:* mediatek mt8675 - *
cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:* mediatek mt6893 - *
cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:* mediatek mt6880 - *
cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:* mediatek mt6875 - *
cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:* mediatek mt6890 - *
cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:* mediatek mt6833 - *

Reference

لینک منبع تگ ها
https://corp.mediatek.com/product-security-bulletin/October-2024 Vendor Advisory