7.5

CVE-2024-20153

EPSS 0.15%
Veröffentlicht 06.01.2025 04:15:07
Zuletzt bearbeitet 12.01.2026 16:20:48
Quelle security@mediatek.com
CVE-Watchlists
Login
Unerledigt
Login

In wlan STA, there is a possible way to trick a client to connect to an AP with spoofed SSID. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08990446 / ALPS09057442; Issue ID: MSV-1598.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linuxfoundation ≫ Yocto Version3.3

   Mediatek ≫ Mt2737 Version-
   Mediatek ≫ Mt6989 Version-
   Mediatek ≫ Mt6991 Version-
   Mediatek ≫ Mt7925 Version-
   Mediatek ≫ Mt8365 Version-
   Mediatek ≫ Mt8518s Version-
   Mediatek ≫ Mt8532 Version-
   Mediatek ≫ Mt8666 Version-
   Mediatek ≫ Mt8667 Version-
   Mediatek ≫ Mt8673 Version-
   Mediatek ≫ Mt8676 Version-
   Mediatek ≫ Mt8678 Version-
   Mediatek ≫ Mt8755 Version-
   Mediatek ≫ Mt8766 Version-
   Mediatek ≫ Mt8768 Version-
   Mediatek ≫ Mt8775 Version-
   Mediatek ≫ Mt8781 Version-
   Mediatek ≫ Mt8786 Version-
   Mediatek ≫ Mt8788 Version-
   Mediatek ≫ Mt8796 Version-
   Mediatek ≫ Mt8798 Version-
   Mediatek ≫ Mt8893 Version-

Linuxfoundation ≫ Yocto Version4.0

   Mediatek ≫ Mt2737 Version-
   Mediatek ≫ Mt6989 Version-
   Mediatek ≫ Mt6991 Version-
   Mediatek ≫ Mt7925 Version-
   Mediatek ≫ Mt8365 Version-
   Mediatek ≫ Mt8518s Version-
   Mediatek ≫ Mt8532 Version-
   Mediatek ≫ Mt8666 Version-
   Mediatek ≫ Mt8667 Version-
   Mediatek ≫ Mt8673 Version-
   Mediatek ≫ Mt8676 Version-
   Mediatek ≫ Mt8678 Version-
   Mediatek ≫ Mt8755 Version-
   Mediatek ≫ Mt8766 Version-
   Mediatek ≫ Mt8768 Version-
   Mediatek ≫ Mt8775 Version-
   Mediatek ≫ Mt8781 Version-
   Mediatek ≫ Mt8786 Version-
   Mediatek ≫ Mt8788 Version-
   Mediatek ≫ Mt8796 Version-
   Mediatek ≫ Mt8798 Version-
   Mediatek ≫ Mt8893 Version-

Linuxfoundation ≫ Yocto Version5.0

   Mediatek ≫ Mt2737 Version-
   Mediatek ≫ Mt6989 Version-
   Mediatek ≫ Mt6991 Version-
   Mediatek ≫ Mt7925 Version-
   Mediatek ≫ Mt8365 Version-
   Mediatek ≫ Mt8518s Version-
   Mediatek ≫ Mt8532 Version-
   Mediatek ≫ Mt8666 Version-
   Mediatek ≫ Mt8667 Version-
   Mediatek ≫ Mt8673 Version-
   Mediatek ≫ Mt8676 Version-
   Mediatek ≫ Mt8678 Version-
   Mediatek ≫ Mt8755 Version-
   Mediatek ≫ Mt8766 Version-
   Mediatek ≫ Mt8768 Version-
   Mediatek ≫ Mt8775 Version-
   Mediatek ≫ Mt8781 Version-
   Mediatek ≫ Mt8786 Version-
   Mediatek ≫ Mt8788 Version-
   Mediatek ≫ Mt8796 Version-
   Mediatek ≫ Mt8798 Version-
   Mediatek ≫ Mt8893 Version-

Mediatek ≫ Software Development Kit Version <= 3.5

   Mediatek ≫ Mt2737 Version-
   Mediatek ≫ Mt6989 Version-
   Mediatek ≫ Mt6991 Version-
   Mediatek ≫ Mt7925 Version-
   Mediatek ≫ Mt8365 Version-
   Mediatek ≫ Mt8518s Version-
   Mediatek ≫ Mt8532 Version-
   Mediatek ≫ Mt8666 Version-
   Mediatek ≫ Mt8667 Version-
   Mediatek ≫ Mt8673 Version-
   Mediatek ≫ Mt8676 Version-
   Mediatek ≫ Mt8678 Version-
   Mediatek ≫ Mt8755 Version-
   Mediatek ≫ Mt8766 Version-
   Mediatek ≫ Mt8768 Version-
   Mediatek ≫ Mt8775 Version-
   Mediatek ≫ Mt8781 Version-
   Mediatek ≫ Mt8786 Version-
   Mediatek ≫ Mt8788 Version-
   Mediatek ≫ Mt8796 Version-
   Mediatek ≫ Mt8798 Version-
   Mediatek ≫ Mt8893 Version-

Google ≫ Android Version14.0

   Mediatek ≫ Mt2737 Version-
   Mediatek ≫ Mt6989 Version-
   Mediatek ≫ Mt6991 Version-
   Mediatek ≫ Mt7925 Version-
   Mediatek ≫ Mt8365 Version-
   Mediatek ≫ Mt8518s Version-
   Mediatek ≫ Mt8532 Version-
   Mediatek ≫ Mt8666 Version-
   Mediatek ≫ Mt8667 Version-
   Mediatek ≫ Mt8673 Version-
   Mediatek ≫ Mt8676 Version-
   Mediatek ≫ Mt8678 Version-
   Mediatek ≫ Mt8755 Version-
   Mediatek ≫ Mt8766 Version-
   Mediatek ≫ Mt8768 Version-
   Mediatek ≫ Mt8775 Version-
   Mediatek ≫ Mt8781 Version-
   Mediatek ≫ Mt8786 Version-
   Mediatek ≫ Mt8788 Version-
   Mediatek ≫ Mt8796 Version-
   Mediatek ≫ Mt8798 Version-
   Mediatek ≫ Mt8893 Version-

Google ≫ Android Version15.0

   Mediatek ≫ Mt2737 Version-
   Mediatek ≫ Mt6989 Version-
   Mediatek ≫ Mt6991 Version-
   Mediatek ≫ Mt7925 Version-
   Mediatek ≫ Mt8365 Version-
   Mediatek ≫ Mt8518s Version-
   Mediatek ≫ Mt8532 Version-
   Mediatek ≫ Mt8666 Version-
   Mediatek ≫ Mt8667 Version-
   Mediatek ≫ Mt8673 Version-
   Mediatek ≫ Mt8676 Version-
   Mediatek ≫ Mt8678 Version-
   Mediatek ≫ Mt8755 Version-
   Mediatek ≫ Mt8766 Version-
   Mediatek ≫ Mt8768 Version-
   Mediatek ≫ Mt8775 Version-
   Mediatek ≫ Mt8781 Version-
   Mediatek ≫ Mt8786 Version-
   Mediatek ≫ Mt8788 Version-
   Mediatek ≫ Mt8796 Version-
   Mediatek ≫ Mt8798 Version-
   Mediatek ≫ Mt8893 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.15%	0.364

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-304 Missing Critical Step in Authentication

The product implements an authentication technique, but it skips a step that weakens the technique.

https://corp.mediatek.com/product-security-bulletin/January-2025

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-20153

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-20153

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-20153

EUVD