CVE-2024-20073

2024-06-0302:15:09

CWE-787

[email protected]

web.nvd.nist.gov

cve

2024

20073

nvd

7.4 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00367704; Issue ID: MSV-1411.

Affected configurations

Vulners

Node

mediateknbiot_sdkRange<5.0.5.0

mediatekmt6890

mediatekmt7622

CNA Affected

[
  {
    "vendor": "MediaTek, Inc.",
    "product": "MT6890, MT7622",
    "versions": [
      {
        "version": "SDK version 5.0.5.0 and before / OpenWRT 19.07, 21.02",
        "status": "affected"
      }
    ]
  }
]

References

corp.mediatek.com/product-security-bulletin/June-2024