CVE-2024-20102
10/7/2024 3:15:00 AM
2 ماه قبل
2 ماه قبل
3
Reporter :security@mediatek.com
Modified :10/7/2024 3:15:00 AM
Problem Data :CWE-125
Description
In wlan driver, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998892; Issue ID: MSV-1601.
Cvss Version 3.1
4.9
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
| Attack Vector | Network |
| Attack Complexity | Low |
| Privileges Required | High |
| User Interaction | None |
| Scope | Unchanged |
| Confidentiality Impact | High |
| Integrity Impact | None |
| Availability Impact | None |