Possible Out of Bounds Write in Modem Protocol Could Lead to Remote Code Execution
CVE-2024-20039

Currently unrated

Key Information:

Vendor
MediaTek
Status
Mt2731, Mt2735, Mt2737, Mt3967, Mt6297, Mt6298, Mt6739, Mt6761, Mt6762, Mt6762d, Mt6762m, Mt6763, Mt6765, Mt6765t, Mt6767, Mt6768, Mt6769, Mt6769t, Mt6769z, Mt6771, Mt6779, Mt6781, Mt6783, Mt6785, Mt6785t, Mt6785u, Mt6789, Mt6813, Mt6815, Mt6833, Mt6835, Mt6853, Mt6855, Mt6873, Mt6875, Mt6875t, Mt6877, Mt6879, Mt6880, Mt6883, Mt6885, Mt6886, Mt6889, Mt6890, Mt6891, Mt6893, Mt6895, Mt6895t, Mt6896, Mt6897, Mt6980, Mt6980d, Mt6983, Mt6985, Mt6986, Mt6986d, Mt6989, Mt6990, Mt8666, Mt8667, Mt8673, Mt8675, Mt8676, Mt8765, Mt8766, Mt8768, Mt8781, Mt8786, Mt8788, Mt8791, Mt8791t, Mt8792, Mt8796, Mt8797, Mt8798
Vendor
CVE Published:
1 April 2024

Summary

In modem protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01240012; Issue ID: MSV-1215.

Affected Version(s)

MT2731, MT2735, MT2737, MT3967, MT6297, MT6298, MT6739, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT6771, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6785U, MT6789, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6986, MT6986D, MT6989, MT6990, MT8666, MT8667, MT8673, MT8675, MT8676, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8791, MT8791T, MT8792, MT8796, MT8797, MT8798 Modem LR12A, LR13, NR15, NR16, NR17

References

https://corp.mediatek.com/product-security-bulletin/April...

Timeline

  • Vulnerability published

.