CVE-2024-20154
06.01.2025, 04:15
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00720348; Issue ID: MSV-2392.Enginsight
| Vendor | Product | Version |
|---|---|---|
| mediatek | lr12a | - |
| mediatek | lr13 | - |
| mediatek | nr16.r1.mp | - |
| mediatek | nr16.r1.mp1mp2.mp | - |
| mediatek | nr16.r2.mp | - |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-121 - Stack-based Buffer OverflowA stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
- CWE-787 - Out-of-bounds WriteThe software writes data past the end, or before the beginning, of the intended buffer.