6.5

CVE-2024-20139

In Bluetooth firmware, there is a possible firmware asssert due to improper handling of exceptional conditions. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09001270; Issue ID: MSV-1600.

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users.
Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
Vendormediatek
Product mt2737
Default Statusunknown
Version <= *
Version 0
Status affected
Vendormediatek
Product mt3605
Default Statusunknown
Version <= *
Version 0
Status affected
Vendormediatek
Product mt6985
Default Statusunknown
Version <= *
Version 0
Status affected
Vendormediatek
Product mt6989
Default Statusunknown
Version <= *
Version 0
Status affected
Vendormediatek
Product mt6990
Default Statusunknown
Version <= *
Version 0
Status affected
Vendormediatek
Product mt7925
Default Statusunknown
Version <= *
Version 0
Status affected
Vendormediatek
Product mt7927
Default Statusunknown
Version <= *
Version 0
Status affected
Vendormediatek
Product mt8518s
Default Statusunknown
Version <= *
Version 0
Status affected
Vendormediatek
Product mt8532
Default Statusunknown
Version <= *
Version 0
Status affected
Vendormediatek
Product mt8678
Default Statusunknown
Version <= *
Version 0
Status affected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.02% 0.051
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 2.8 3.6
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-617 Reachable Assertion

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.