ГлавнаяУязвимости → CVE-2024-20153
7.5высокая

CVE-2024-20153

Описание

In wlan STA, there is a possible way to trick a client to connect to an AP with spoofed SSID. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08990446 / ALPS09057442; Issue ID: MSV-1598.

Затрагиваемое ПО
Linuxfoundation YoctoMediatek Software development kitGoogle AndroidMediatek Mt2737Mediatek Mt6989Mediatek Mt6991Mediatek Mt7925Mediatek Mt8365Mediatek Mt8518sMediatek Mt8532Mediatek Mt8666Mediatek Mt8667Mediatek Mt8673Mediatek Mt8676Mediatek Mt8678Mediatek Mt8755Mediatek Mt8766Mediatek Mt8768Mediatek Mt8775Mediatek Mt8781Mediatek Mt8786Mediatek Mt8788Mediatek Mt8796Mediatek Mt8798Mediatek Mt8893
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Источники
https://corp.mediatek.com/product-security-bulletin/January-2025