CVE-2024-20018 - Vulnerability Details - OpenCVE

In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00348479; Issue ID: MSV-1019.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00739.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Mediatek	Mt7615 Software Development Kit

Configuration 1 [-]

AND

cpe:2.3:a:mediatek:software_development_kit:*:*:*:*:*:*:*:*

cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*

No data.

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://corp.mediatek.com/product-security-bulletin/March-2024

History

Tue, 22 Apr 2025 21:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Mediatek software Development Kit
CPEs		cpe:2.3:a:mediatek:software_development_kit::::::::
Vendors & Products		Mediatek software Development Kit

Thu, 27 Mar 2025 15:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Mediatek Mediatek mt7615
Weaknesses		CWE-787
CPEs		cpe:2.3:h:mediatek:mt7615:-:::::::*
Vendors & Products		Mediatek Mediatek mt7615
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Tue, 27 Aug 2024 22:00:00 +0000

Type	Values Removed	Values Added
Metrics		cvssV3_1 `{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}`

MITRE

Status: PUBLISHED

Assigner: MediaTek

Published: 2024-03-04T02:43:26.082Z

Updated: 2025-03-27T14:48:29.465Z

Reserved: 2023-11-02T13:35:35.150Z

Link: CVE-2024-20018

Vulnrichment

Updated: 2024-08-01T21:52:31.542Z

NVD

Status : Analyzed

Published: 2024-03-04T03:15:07.017

Modified: 2025-04-22T20:36:34.053

Link: CVE-2024-20018

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-20018", "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "state": "PUBLISHED", "assignerShortName": "MediaTek", "dateReserved": "2023-11-02T13:35:35.150Z", "datePublished": "2024-03-04T02:43:26.082Z", "dateUpdated": "2025-03-27T14:48:29.465Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "shortName": "MediaTek", "dateUpdated": "2024-03-04T02:43:26.082Z"}, "descriptions": [{"lang": "en", "value": "In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00348479; Issue ID: MSV-1019."}], "affected": [{"vendor": "MediaTek, Inc.", "product": "MT7615", "versions": [{"version": "SDK version 5.1.0.0 and before", "status": "affected"}]}], "references": [{"url": "https://corp.mediatek.com/product-security-bulletin/March-2024"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "Elevation of Privilege"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:52:31.542Z"}, "title": "CVE Program Container", "references": [{"url": "https://corp.mediatek.com/product-security-bulletin/March-2024", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-787", "lang": "en", "description": "CWE-787 Out-of-bounds Write"}]}], "affected": [{"vendor": "mediatek", "product": "mt7615", "cpes": ["cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "5.1.0.0", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-03-14T19:54:39.773957Z", "id": "CVE-2024-20018", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-27T14:48:29.465Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://corp.mediatek.com/product-security-bulletin/March-2024", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:52:31.542Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-20018", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-03-14T19:54:39.773957Z"}}}], "affected": [{"cpes": ["cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt7615", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "5.1.0.0"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-27T20:24:30.666Z"}}], "cna": {"affected": [{"vendor": "MediaTek, Inc.", "product": "MT7615", "versions": [{"status": "affected", "version": "SDK version 5.1.0.0 and before"}]}], "references": [{"url": "https://corp.mediatek.com/product-security-bulletin/March-2024"}], "descriptions": [{"lang": "en", "value": "In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00348479; Issue ID: MSV-1019."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "Elevation of Privilege"}]}], "providerMetadata": {"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "shortName": "MediaTek", "dateUpdated": "2024-03-04T02:43:26.082Z"}}}, "cveMetadata": {"cveId": "CVE-2024-20018", "state": "PUBLISHED", "dateUpdated": "2025-03-27T14:48:29.465Z", "dateReserved": "2023-11-02T13:35:35.150Z", "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "datePublished": "2024-03-04T02:43:26.082Z", "assignerShortName": "MediaTek"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mediatek:software_development_kit:*:*:*:*:*:*:*:*", "matchCriteriaId": "B79B741E-4926-404D-AB0C-01E605332129", "versionEndIncluding": "5.1.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt7615:-:*:*:*:*:*:*:*", "matchCriteriaId": "05748BB1-0D48-4097-932E-E8E2E574FD8D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00348479; Issue ID: MSV-1019."}, {"lang": "es", "value": "En el controlador WLAN, existe una posible escritura fuera de los l\u00edmites debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n. ID de parche: WCNCR00348479; ID del problema: MSV-1019."}], "id": "CVE-2024-20018", "lastModified": "2025-04-22T20:36:34.053", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-03-04T03:15:07.017", "references": [{"source": "security@mediatek.com", "tags": ["Vendor Advisory"], "url": "https://corp.mediatek.com/product-security-bulletin/March-2024"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://corp.mediatek.com/product-security-bulletin/March-2024"}], "sourceIdentifier": "security@mediatek.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}