Input Validation Flaw in Modem Software from MediaTek
CVE-2024-20149
Key Information:
- Vendor
- MediaTek
- Vendor
- CVE Published:
- 6 January 2025
Summary
An input validation flaw in MediaTek's Modem software allows for the potential occurrence of a system crash. This vulnerability can be exploited remotely, resulting in a denial of service without requiring any privileges or user interaction. The issue has been identified in the modem software with specific patch IDs including MOLY01231341, MOLY01263331, and MOLY01233835, highlighting the importance of timely updates to mitigate risks.
Affected Version(s)
MT2735, MT2737, MT6767, MT6768, MT6769, MT6769K, MT6769S, MT6769T, MT6769Z, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6785U, MT6789, MT6833P, MT6835, MT6835T, MT6853, MT6853T, MT6855, MT6855T, MT6873, MT6875, MT6875T, MT6877, MT6877T, MT6877TT, MT6878, MT6878M, MT6879, MT6880, MT6880T, MT6880U, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895TT, MT6896, MT6897, MT6899, MT6980, MT6980D, MT6983T, MT6985, MT6985T, MT6989, MT6989T, MT6990, MT6991, MT8666, MT8673, MT8675, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8788E, MT8789, MT8791T, MT8795T, MT8797, MT8798, MT8863 Modem LR12A, LR13, NR15, NR16, NR17.R1, NR17.R2
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved