Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-20100


In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998449; Issue ID: MSV-1603.


Published

2024-10-07T03:15:03.273

Last Modified

2025-04-25T18:36:53.990

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses
  • Type: Secondary
    CWE-787
  • Type: Primary
    CWE-787

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application mediatek iot_yocto 24.0 Yes
Application mediatek software_development_kit ≤ 3.3 Yes
Operating System google android 12.0 Yes
Operating System google android 13.0 Yes
Operating System google android 14.0 Yes
Hardware mediatek mt3605 - No
Hardware mediatek mt6985 - No
Hardware mediatek mt6989 - No
Hardware mediatek mt6990 - No
Hardware mediatek mt7927 - No
Hardware mediatek mt8183 - No
Hardware mediatek mt8365 - No
Hardware mediatek mt8512 - No
Hardware mediatek mt8676 - No
Hardware mediatek mt8678 - No
Hardware mediatek mt8695 - No
Hardware mediatek mt8698 - No
Hardware mediatek mt8755 - No
Hardware mediatek mt8775 - No
Hardware mediatek mt8792 - No
Hardware mediatek mt8796 - No

References