In Modem NL1, there is a possible system crash due to an improper input validation. This could lead to remote denial of service, if NW sent invalid NR RRC Connection Setup message, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01191612; Issue ID: MOLY01191612 (MSV-981).
References
Link | Resource |
---|---|
https://corp.mediatek.com/product-security-bulletin/February-2024 | Vendor Advisory |
https://corp.mediatek.com/product-security-bulletin/February-2024 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 08:51
Type | Values Removed | Values Added |
---|---|---|
References | () https://corp.mediatek.com/product-security-bulletin/February-2024 - Vendor Advisory |
09 Feb 2024, 02:01
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
CWE | CWE-20 | |
First Time |
Mediatek
Mediatek mt6873 Mediatek mt6880 Mediatek mt6297 Mediatek mt6893 Mediatek mt6855 Mediatek mt8791 Mediatek mt8675 Mediatek mt6885 Mediatek mt6875 Mediatek mt6853 Mediatek mt6833 Mediatek mt8791t Mediatek mt6877 Mediatek mt2735 Mediatek mt6883 Mediatek mt6891 Mediatek mt6875t Mediatek mt6889 Mediatek mt6890 Mediatek nr15 Mediatek mt8797 |
|
CPE | cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6880:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8791:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6297:-:*:*:*:*:*:*:* cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt2735:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:* |
|
References | () https://corp.mediatek.com/product-security-bulletin/February-2024 - Vendor Advisory |
05 Feb 2024, 13:54
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
05 Feb 2024, 06:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-02-05 06:15
Updated : 2024-11-21 08:51
NVD link : CVE-2024-20003
Mitre link : CVE-2024-20003
CVE.ORG link : CVE-2024-20003
JSON object : View
Products Affected
mediatek
- mt8791
- mt6893
- mt8791t
- nr15
- mt6875t
- mt6855
- mt6853
- mt2735
- mt6875
- mt6873
- mt6880
- mt6889
- mt8675
- mt6877
- mt6891
- mt6833
- mt6885
- mt6297
- mt8797
- mt6890
- mt6883
CWE
CWE-20
Improper Input Validation