Possible Memory Corruption in Modem Leads to Remote Code Execution
CVE-2024-20082

Currently unrated

Key Information:

Vendor: MediaTek
Status: Mt2735, Mt2737, Mt6833, Mt6835, Mt6835t, Mt6853, Mt6855, Mt6873, Mt6875, Mt6875t, Mt6877, Mt6879, Mt6880, Mt6883, Mt6885, Mt6886, Mt6889, Mt6890, Mt6891, Mt6893, Mt6895, Mt6895t, Mt6896, Mt6897, Mt6980, Mt6980d, Mt6983, Mt6985, Mt6989, Mt6990
Vendor: CVE Published:; 14 August 2024

What is CVE-2024-20082?

In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01182594; Issue ID: MSV-1529.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

MT2735, MT2737, MT6833, MT6835, MT6835T, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6989, MT6990 Modem NR15, NR16, NR17

References

https://corp.mediatek.com/product-security-bulletin/Augus...

EPSS Score

12% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 14, 2024
Vulnerability Reserved
Nov 2, 2023

JSON

MediaTek