CVE-2024-20094

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-20094
In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00843282; Issue ID: MSV-1535.

7.5 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://corp.mediatek.com/product-security-bulletin/October-2024 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*
OR cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*
History

25 Apr 2025, 18:37

Type Values Removed Values Added
CWE NVD-CWE-noinfo
References () https://corp.mediatek.com/product-security-bulletin/October-2024 - () https://corp.mediatek.com/product-security-bulletin/October-2024 - Vendor Advisory
First Time Mediatek mt6873
Mediatek mt6889
Mediatek mt6885
Mediatek nr15
Mediatek mt6833
Mediatek mt8791
Mediatek mt6893
Mediatek mt6877
Mediatek mt6853
Mediatek mt6855
Mediatek mt6875t
Mediatek mt6875
Mediatek
Mediatek mt6883
Mediatek mt6890
Mediatek mt8791t
Mediatek mt8675
Mediatek mt6891
Mediatek mt8771
Mediatek mt8797
Mediatek mt6880
Mediatek mt2735
CPE cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:*
cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:*
cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:*
Information

Published : 2024-10-07 03:15

Updated : 2025-04-25 18:37

NVD link : CVE-2024-20094

Mitre link : CVE-2024-20094

CVE.ORG link : CVE-2024-20094

JSON object : View

Products Affected

mediatek

  • mt6885
  • mt8675
  • mt8771
  • mt6855
  • mt6883
  • mt8791t
  • mt6891
  • mt6880
  • mt6893
  • mt8797
  • mt8791
  • nr15
  • mt6873
  • mt6889
  • mt6890
  • mt2735
  • mt6833
  • mt6853
  • mt6877
  • mt6875
  • mt6875t
CWE
CWE-617

Reachable Assertion

NVD-CWE-noinfo