In modem, there is a possible selection of less-secure algorithm during the VoWiFi IKE due to a missing DH downgrade check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01286330; Issue ID: MSV-1430.
References
Link | Resource |
---|---|
https://corp.mediatek.com/product-security-bulletin/June-2024 | Vendor Advisory |
https://corp.mediatek.com/product-security-bulletin/June-2024 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
25 Apr 2025, 18:38
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-Other | |
CPE | cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6855:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6891:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6875t:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6875:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8791t:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8771:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8675:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:* cpe:2.3:o:mediatek:nr15:-:*:*:*:*:*:*:* cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:* |
|
First Time |
Mediatek nr15
Mediatek mt6875t Mediatek mt6833 Mediatek mt8771 Mediatek mt6885 Mediatek mt8675 Mediatek mt8797 Mediatek mt8791t Mediatek mt6883 Mediatek mt6877 Mediatek mt6893 Mediatek mt6889 Mediatek Mediatek mt6891 Mediatek mt6855 Mediatek mt6875 Mediatek mt6853 Mediatek mt6873 |
|
References | () https://corp.mediatek.com/product-security-bulletin/June-2024 - Vendor Advisory |
21 Nov 2024, 08:51
Type | Values Removed | Values Added |
---|---|---|
References | () https://corp.mediatek.com/product-security-bulletin/June-2024 - |
01 Aug 2024, 13:46
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
06 Jun 2024, 03:15
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) In modem, there is a possible selection of less-secure algorithm during the VoWiFi IKE due to a missing DH downgrade check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01286330; Issue ID: MSV-1430. |
03 Jun 2024, 14:46
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
03 Jun 2024, 02:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-06-03 02:15
Updated : 2025-04-25 18:38
NVD link : CVE-2024-20069
Mitre link : CVE-2024-20069
CVE.ORG link : CVE-2024-20069
JSON object : View
Products Affected
mediatek
- mt8771
- mt6883
- mt6885
- mt6889
- nr15
- mt6855
- mt6833
- mt6877
- mt8797
- mt6873
- mt6891
- mt8791t
- mt8675
- mt6893
- mt6853
- mt6875t
- mt6875
CWE