7.5

CVE-2024-20066

In modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01267281; Issue ID: MSV-1477.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MediatekNr16 Version-
   MediatekMt6298 Version-
   MediatekMt6813 Version-
   MediatekMt6815 Version-
   MediatekMt6835 Version-
   MediatekMt6878 Version-
   MediatekMt6879 Version-
   MediatekMt6895 Version-
   MediatekMt6895t Version-
   MediatekMt6896 Version-
   MediatekMt6897 Version-
   MediatekMt6899 Version-
   MediatekMt6980 Version-
   MediatekMt6980d Version-
   MediatekMt6983 Version-
   MediatekMt6986 Version-
   MediatekMt6986d Version-
   MediatekMt6990 Version-
   MediatekMt6991 Version-
   MediatekMt8673 Version-
   MediatekMt8792 Version-
   MediatekMt8798 Version-
MediatekNr17 Version-
   MediatekMt6298 Version-
   MediatekMt6813 Version-
   MediatekMt6815 Version-
   MediatekMt6835 Version-
   MediatekMt6878 Version-
   MediatekMt6879 Version-
   MediatekMt6895 Version-
   MediatekMt6895t Version-
   MediatekMt6896 Version-
   MediatekMt6897 Version-
   MediatekMt6899 Version-
   MediatekMt6980 Version-
   MediatekMt6980d Version-
   MediatekMt6983 Version-
   MediatekMt6986 Version-
   MediatekMt6986d Version-
   MediatekMt6990 Version-
   MediatekMt6991 Version-
   MediatekMt8673 Version-
   MediatekMt8792 Version-
   MediatekMt8798 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.1% 0.863
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.