ГлавнаяУязвимости → CVE-2024-20100
9.8критическая

CVE-2024-20100

Описание

In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998449; Issue ID: MSV-1603.

Затрагиваемое ПО
Mediatek Iot yoctoMediatek Software development kitGoogle AndroidMediatek Mt3605Mediatek Mt6985Mediatek Mt6989Mediatek Mt6990Mediatek Mt7927Mediatek Mt8183Mediatek Mt8365Mediatek Mt8512Mediatek Mt8676Mediatek Mt8678Mediatek Mt8695Mediatek Mt8698Mediatek Mt8755Mediatek Mt8775Mediatek Mt8792Mediatek Mt8796
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://corp.mediatek.com/product-security-bulletin/October-2024