Lucene search

[email protected]NVD:CVE-2024-20089

HistorySep 02, 2024 - 5:15 a.m.

CVE-2024-20089

2024-09-0205:15:15

CWE-703

CWE-754

[email protected]

web.nvd.nist.gov

wlan

denial of service

incorrect error handling

remote

exploitation

patch id

issue id

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

17.7%

JSON

In wlan, there is a possible denial of service due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08861558; Issue ID: MSV-1526.

Affected configurations

Nvd

Node

linuxfoundationyoctoMatch2.6

linuxfoundationyoctoMatch3.3

linuxfoundationyoctoMatch4.0

rdkcentralrdk-bMatch2022q3

googleandroidMatch13.0

googleandroidMatch14.0

AND

mediatekmt6835Match-

mediatekmt6878Match-

mediatekmt6886Match-

mediatekmt6897Match-

mediatekmt6980Match-

mediatekmt6985Match-

mediatekmt6989Match-

mediatekmt6990Match-

mediatekmt8678Match-

mediatekmt8775Match-

mediatekmt8792Match-

mediatekmt8796Match-

VendorProductVersionCPE
linuxfoundationyocto2.6cpe:2.3:a:linuxfoundation:yocto:2.6:*:*:*:*:*:*:*
linuxfoundationyocto3.3cpe:2.3:a:linuxfoundation:yocto:3.3:*:*:*:*:*:*:*
linuxfoundationyocto4.0cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*
rdkcentralrdk-b2022q3cpe:2.3:a:rdkcentral:rdk-b:2022q3:*:*:*:*:*:*:*
googleandroid13.0cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*
googleandroid14.0cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*
mediatekmt6835-cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*
mediatekmt6878-cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*
mediatekmt6886-cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*
mediatekmt6897-cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linuxfoundation	yocto	2.6	cpe:2.3:a:linuxfoundation:yocto:2.6:::::::*
linuxfoundation	yocto	3.3	cpe:2.3:a:linuxfoundation:yocto:3.3:::::::*
linuxfoundation	yocto	4.0	cpe:2.3:a:linuxfoundation:yocto:4.0:::::::*
rdkcentral	rdk-b	2022q3	cpe:2.3:a:rdkcentral:rdk-b:2022q3:::::::*
google	android	13.0	cpe:2.3:o:google:android:13.0:::::::*
google	android	14.0	cpe:2.3:o:google:android:14.0:::::::*
mediatek	mt6835	-	cpe:2.3:h:mediatek:mt6835:-:::::::*
mediatek	mt6878	-	cpe:2.3:h:mediatek:mt6878:-:::::::*
mediatek	mt6886	-	cpe:2.3:h:mediatek:mt6886:-:::::::*
mediatek	mt6897	-	cpe:2.3:h:mediatek:mt6897:-:::::::*

Rows per page:

1-10 of 181

References

corp.mediatek.com/product-security-bulletin/September-2024

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

17.7%

JSON

Related for NVD:CVE-2024-20089

vulnrichment1 cvelist1 cve1