Possible Out-of-Bounds Write in WLAN Firmware Could Lead to Remote Escalation of Privilege
CVE-2024-20040

8.8HIGH

Key Information:

Vendor
MediaTek
Status
Mt2713, Mt6580, Mt6761, Mt6762, Mt6768, Mt6781, Mt6789, Mt6833, Mt6853, Mt6853t, Mt6855, Mt6873, Mt6875, Mt6877, Mt6879, Mt6883, Mt6885, Mt6886, Mt6889, Mt6890, Mt6891, Mt6893, Mt6895, Mt6983, Mt6985, Mt6989, Mt6990, Mt7902, Mt7915, Mt7916, Mt7920, Mt7921, Mt7922, Mt7925, Mt7927, Mt7981, Mt7986, Mt8188, Mt8195, Mt8370, Mt8390, Mt8395, Mt8518s, Mt8532, Mt8673, Mt8678, Mt8781, Mt8791t, Mt8792, Mt8796, Mt8797, Mt8798
Vendor
CVE Published:
1 April 2024

Summary

An out of bounds write vulnerability exists in MediaTek WLAN firmware due to improper input validation. This flaw enables remote escalation of privilege, allowing unauthorized access without requiring any user interaction. The issue affects MT6XXX and MT79XX chipsets, and corrective patches have been released under Patch ID ALPS08360153 and WCNCR00363530 respectively. It is crucial for users of affected products to apply the relevant security updates to mitigate potential risks.

Affected Version(s)

MT2713, MT6580, MT6761, MT6762, MT6768, MT6781, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6983, MT6985, MT6989, MT6990, MT7902, MT7915, MT7916, MT7920, MT7921, MT7922, MT7925, MT7927, MT7981, MT7986, MT8188, MT8195, MT8370, MT8390, MT8395, MT8518S, MT8532, MT8673, MT8678, MT8781, MT8791T, MT8792, MT8796, MT8797, MT8798 Android 12.0, 13.0, 14.0 / Linux 4.19 / Yocto 3.3, 4.0 / OpenWrt 19.07, 21.02 / RDK-B 22Q3

References

https://corp.mediatek.com/product-security-bulletin/April...

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

.