ГлавнаяУязвимости → CVE-2024-20003
7.5высокая

CVE-2024-20003

Описание

In Modem NL1, there is a possible system crash due to an improper input validation. This could lead to remote denial of service, if NW sent invalid NR RRC Connection Setup message, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01191612; Issue ID: MOLY01191612 (MSV-981).

Затрагиваемое ПО
Mediatek Nr15Mediatek Mt2735Mediatek Mt6297Mediatek Mt6833Mediatek Mt6853Mediatek Mt6855Mediatek Mt6873Mediatek Mt6875Mediatek Mt6875tMediatek Mt6877Mediatek Mt6880Mediatek Mt6883Mediatek Mt6885Mediatek Mt6889Mediatek Mt6890Mediatek Mt6891Mediatek Mt6893Mediatek Mt8675Mediatek Mt8791Mediatek Mt8791tMediatek Mt8797
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Источники
https://corp.mediatek.com/product-security-bulletin/February-2024https://corp.mediatek.com/product-security-bulletin/February-2024