9.8критическая
CVE-2024-20103
Описание
In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09001358; Issue ID: MSV-1599.
Затрагиваемое ПО
Mediatek Software development kitGoogle AndroidMediatek Mt3605Mediatek Mt6985Mediatek Mt6989Mediatek Mt6990Mediatek Mt7927Mediatek Mt8183Mediatek Mt8512Mediatek Mt8678Mediatek Mt8695Mediatek Mt8698Mediatek Mt8796Mediatek Mt8893
CVSS
| Балл | 9.8 — критическая |
| Вектор | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Источники
https://corp.mediatek.com/product-security-bulletin/October-2024