CVE-2024-20089

EPSS 0.22%
Veröffentlicht 02.09.2024 05:15:15
Zuletzt bearbeitet 05.09.2024 14:28:02
Quelle security@mediatek.com
Teams Watchlist Login
Unerledigt Login

In wlan, there is a possible denial of service due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08861558; Issue ID: MSV-1526.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 2 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linuxfoundation ≫ Yocto Version2.6

   Mediatek ≫ Mt6835 Version-
   Mediatek ≫ Mt6878 Version-
   Mediatek ≫ Mt6886 Version-
   Mediatek ≫ Mt6897 Version-
   Mediatek ≫ Mt6980 Version-
   Mediatek ≫ Mt6985 Version-
   Mediatek ≫ Mt6989 Version-
   Mediatek ≫ Mt6990 Version-
   Mediatek ≫ Mt8678 Version-
   Mediatek ≫ Mt8775 Version-
   Mediatek ≫ Mt8792 Version-
   Mediatek ≫ Mt8796 Version-

Linuxfoundation ≫ Yocto Version3.3

Linuxfoundation ≫ Yocto Version4.0

Rdkcentral ≫ Rdk-b Version2022q3

Google ≫ Android Version13.0

Google ≫ Android Version14.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.22%	0.449

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-703 Improper Check or Handling of Exceptional Conditions

The product does not properly anticipate or handle exceptional conditions that rarely occur during normal operation of the product.

CWE-754 Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

https://corp.mediatek.com/product-security-bulletin/September-2024

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-20089

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-20089

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-20089

EUVD