6.5

CVE-2024-20139

In Bluetooth firmware, there is a possible firmware asssert due to improper handling of exceptional conditions. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09001270; Issue ID: MSV-1600.

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung.
Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
Herstellermediatek
Produkt mt2737
Default Statusunknown
Version <= *
Version 0
Status affected
Herstellermediatek
Produkt mt3605
Default Statusunknown
Version <= *
Version 0
Status affected
Herstellermediatek
Produkt mt6985
Default Statusunknown
Version <= *
Version 0
Status affected
Herstellermediatek
Produkt mt6989
Default Statusunknown
Version <= *
Version 0
Status affected
Herstellermediatek
Produkt mt6990
Default Statusunknown
Version <= *
Version 0
Status affected
Herstellermediatek
Produkt mt7925
Default Statusunknown
Version <= *
Version 0
Status affected
Herstellermediatek
Produkt mt7927
Default Statusunknown
Version <= *
Version 0
Status affected
Herstellermediatek
Produkt mt8518s
Default Statusunknown
Version <= *
Version 0
Status affected
Herstellermediatek
Produkt mt8532
Default Statusunknown
Version <= *
Version 0
Status affected
Herstellermediatek
Produkt mt8678
Default Statusunknown
Version <= *
Version 0
Status affected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.02% 0.051
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.5 2.8 3.6
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-617 Reachable Assertion

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.