ГлавнаяУязвимости → CVE-2024-20138
7.5высокая

CVE-2024-20138

Описание

In wlan driver, there is a possible out of bound read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998291; Issue ID: MSV-1604.

Затрагиваемое ПО
Mediatek Software development kitGoogle AndroidMediatek Mt3605Mediatek Mt6985Mediatek Mt6989Mediatek Mt6990Mediatek Mt7925Mediatek Mt7927Mediatek Mt8195Mediatek Mt8370Mediatek Mt8390
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Источники
https://corp.mediatek.com/product-security-bulletin/December-2024