CVE-2024-20149

EPSS 0.96%
Veröffentlicht 06.01.2025 04:15:07
Zuletzt bearbeitet 12.01.2026 16:23:30
Quelle security@mediatek.com
CVE-Watchlists
Login
Unerledigt
Login

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01231341 / MOLY01263331 / MOLY01233835; Issue ID: MSV-2165.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Mediatek ≫ Lr12 Version-

   Mediatek ≫ Mt2735 Version-
   Mediatek ≫ Mt2737 Version-
   Mediatek ≫ Mt6767 Version-
   Mediatek ≫ Mt6768 Version-
   Mediatek ≫ Mt6769 Version-
   Mediatek ≫ Mt6769k Version-
   Mediatek ≫ Mt6769s Version-
   Mediatek ≫ Mt6769t Version-
   Mediatek ≫ Mt6769z Version-
   Mediatek ≫ Mt6779 Version-
   Mediatek ≫ Mt6781 Version-
   Mediatek ≫ Mt6783 Version-
   Mediatek ≫ Mt6785 Version-
   Mediatek ≫ Mt6785t Version-
   Mediatek ≫ Mt6785u Version-
   Mediatek ≫ Mt6789 Version-
   Mediatek ≫ Mt6833p Version-
   Mediatek ≫ Mt6835 Version-
   Mediatek ≫ Mt6835t Version-
   Mediatek ≫ Mt6853 Version-
   Mediatek ≫ Mt6853t Version-
   Mediatek ≫ Mt6855 Version-
   Mediatek ≫ Mt6855t Version-
   Mediatek ≫ Mt6873 Version-
   Mediatek ≫ Mt6875 Version-
   Mediatek ≫ Mt6875t Version-
   Mediatek ≫ Mt6877 Version-
   Mediatek ≫ Mt6877t Version-
   Mediatek ≫ Mt6877tt Version-
   Mediatek ≫ Mt6878 Version-
   Mediatek ≫ Mt6878m Version-
   Mediatek ≫ Mt6879 Version-
   Mediatek ≫ Mt6880 Version-
   Mediatek ≫ Mt6880t Version-
   Mediatek ≫ Mt6880u Version-
   Mediatek ≫ Mt6883 Version-
   Mediatek ≫ Mt6885 Version-
   Mediatek ≫ Mt6886 Version-
   Mediatek ≫ Mt6889 Version-
   Mediatek ≫ Mt6890 Version-
   Mediatek ≫ Mt6891 Version-
   Mediatek ≫ Mt6893 Version-
   Mediatek ≫ Mt6895 Version-
   Mediatek ≫ Mt6895tt Version-
   Mediatek ≫ Mt6896 Version-
   Mediatek ≫ Mt6897 Version-
   Mediatek ≫ Mt6899 Version-
   Mediatek ≫ Mt6980 Version-
   Mediatek ≫ Mt6980d Version-
   Mediatek ≫ Mt6983t Version-
   Mediatek ≫ Mt6985 Version-
   Mediatek ≫ Mt6985t Version-
   Mediatek ≫ Mt6989 Version-
   Mediatek ≫ Mt6989t Version-
   Mediatek ≫ Mt6990 Version-
   Mediatek ≫ Mt6991 Version-
   Mediatek ≫ Mt8666 Version-
   Mediatek ≫ Mt8673 Version-
   Mediatek ≫ Mt8675 Version-
   Mediatek ≫ Mt8676 Version-
   Mediatek ≫ Mt8678 Version-
   Mediatek ≫ Mt8765 Version-
   Mediatek ≫ Mt8766 Version-
   Mediatek ≫ Mt8768 Version-
   Mediatek ≫ Mt8771 Version-
   Mediatek ≫ Mt8781 Version-
   Mediatek ≫ Mt8786 Version-
   Mediatek ≫ Mt8788 Version-
   Mediatek ≫ Mt8788e Version-
   Mediatek ≫ Mt8789 Version-
   Mediatek ≫ Mt8791t Version-
   Mediatek ≫ Mt8795t Version-
   Mediatek ≫ Mt8797 Version-
   Mediatek ≫ Mt8798 Version-
   Mediatek ≫ Mt8863 Version-

Mediatek ≫ Lr13 Version-

Mediatek ≫ Nr15 Version-

Mediatek ≫ Nr16 Version-

Mediatek ≫ Nr17.R1 Version-

Mediatek ≫ Nr17.R2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.96%	0.761

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1284 Improper Validation of Specified Quantity in Input

The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.

https://corp.mediatek.com/product-security-bulletin/January-2025

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-20149

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-20149

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-20149

EUVD