Possible Out-of-Bounds Write in WLAN Firmware Could Lead to Remote Escalation of Privilege
CVE-2024-20040
Key Information:
- Vendor
MediaTek
- Vendor
- CVE Published:
- 1 April 2024
What is CVE-2024-20040?
An out of bounds write vulnerability exists in MediaTek WLAN firmware due to improper input validation. This flaw enables remote escalation of privilege, allowing unauthorized access without requiring any user interaction. The issue affects MT6XXX and MT79XX chipsets, and corrective patches have been released under Patch ID ALPS08360153 and WCNCR00363530 respectively. It is crucial for users of affected products to apply the relevant security updates to mitigate potential risks.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
MT2713, MT6580, MT6761, MT6762, MT6768, MT6781, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT6985, MT6989, MT6990, MT7902, MT7915, MT7916, MT7920, MT7921, MT7922, MT7925, MT7927, MT7981, MT7986, MT8188, MT8195, MT8370, MT8390, MT8395, MT8518S, MT8532, MT8673, MT8678, MT8781, MT8791T, MT8792, MT8796, MT8797, MT8798 Android 12.0, 13.0, 14.0 / Linux 4.19 / Yocto 3.3, 4.0 / OpenWrt 19.07, 21.02 / RDK-B 22Q3
References
CVSS V3.1
Timeline
Vulnerability published