CVE-2024-20039 - Vulnerability Details

Description

In modem protocol, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01240012; Issue ID: MSV-1215.

Published: 2024-04-01

Score: 8.8 High

EPSS: 2.9% Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

MediaTek, Inc.

MT2731, MT2735, MT2737, MT3967, MT6297, MT6298, MT6739, MT6761, MT6762, MT6762D, MT6762M, MT6763, MT6765, MT6765T, MT6767, MT6768, MT6769, MT6769T, MT6769Z, MT6771, MT6779, MT6781, MT6783, MT6785, MT6785T, MT6785U, MT6789, MT6813, MT6815, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6875T, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895T, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6985, MT6986, MT6986D, MT6989, MT6990, MT8666, MT8667, MT8673, MT8675, MT8676, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8791, MT8791T, MT8792, MT8796, MT8797, MT8798

affected

Version	Status	Constraints
`Modem LR12A, LR13, NR15, NR16, NR17`	affected	—

Configuration 1 [-]

AND

OR	cpe:2.3:o:mediatek:lr12a:-:::::::*
	cpe:2.3:o:mediatek:lr13:-:::::::*
	cpe:2.3:o:mediatek:nr15:-:::::::*
	cpe:2.3:o:mediatek:nr16:-:::::::*
	cpe:2.3:o:mediatek:nr17:-:::::::*

OR	cpe:2.3:h:mediatek:mt2731:-:::::::*
	cpe:2.3:h:mediatek:mt2735:-:::::::*
	cpe:2.3:h:mediatek:mt2737:-:::::::*
	cpe:2.3:h:mediatek:mt3967:-:::::::*
	cpe:2.3:h:mediatek:mt6297:-:::::::*
	cpe:2.3:h:mediatek:mt6298:-:::::::*
	cpe:2.3:h:mediatek:mt6739:-:::::::*
	cpe:2.3:h:mediatek:mt6761:-:::::::*
	cpe:2.3:h:mediatek:mt6762:-:::::::*
	cpe:2.3:h:mediatek:mt6762d:-:::::::*
	cpe:2.3:h:mediatek:mt6762m:-:::::::*
	cpe:2.3:h:mediatek:mt6763:-:::::::*
	cpe:2.3:h:mediatek:mt6765:-:::::::*
	cpe:2.3:h:mediatek:mt6765t:-:::::::*
	cpe:2.3:h:mediatek:mt6767:-:::::::*
	cpe:2.3:h:mediatek:mt6768:-:::::::*
	cpe:2.3:h:mediatek:mt6769:-:::::::*
	cpe:2.3:h:mediatek:mt6769t:-:::::::*
	cpe:2.3:h:mediatek:mt6769z:-:::::::*
	cpe:2.3:h:mediatek:mt6771:-:::::::*
	cpe:2.3:h:mediatek:mt6779:-:::::::*
	cpe:2.3:h:mediatek:mt6781:-:::::::*
	cpe:2.3:h:mediatek:mt6783:-:::::::*
	cpe:2.3:h:mediatek:mt6785:-:::::::*
	cpe:2.3:h:mediatek:mt6785t:-:::::::*
	cpe:2.3:h:mediatek:mt6785u:-:::::::*
	cpe:2.3:h:mediatek:mt6789:-:::::::*
	cpe:2.3:h:mediatek:mt6813:-:::::::*
	cpe:2.3:h:mediatek:mt6815:-:::::::*
	cpe:2.3:h:mediatek:mt6833:-:::::::*
	cpe:2.3:h:mediatek:mt6835:-:::::::*
	cpe:2.3:h:mediatek:mt6853:-:::::::*
	cpe:2.3:h:mediatek:mt6855:-:::::::*
	cpe:2.3:h:mediatek:mt6873:-:::::::*
	cpe:2.3:h:mediatek:mt6875:-:::::::*
	cpe:2.3:h:mediatek:mt6875t:-:::::::*
	cpe:2.3:h:mediatek:mt6877:-:::::::*
	cpe:2.3:h:mediatek:mt6879:-:::::::*
	cpe:2.3:h:mediatek:mt6880:-:::::::*
	cpe:2.3:h:mediatek:mt6883:-:::::::*
	cpe:2.3:h:mediatek:mt6885:-:::::::*
	cpe:2.3:h:mediatek:mt6886:-:::::::*
	cpe:2.3:h:mediatek:mt6889:-:::::::*
	cpe:2.3:h:mediatek:mt6890:-:::::::*
	cpe:2.3:h:mediatek:mt6891:-:::::::*
	cpe:2.3:h:mediatek:mt6893:-:::::::*
	cpe:2.3:h:mediatek:mt6895:-:::::::*
	cpe:2.3:h:mediatek:mt6895t:-:::::::*
	cpe:2.3:h:mediatek:mt6896:-:::::::*
	cpe:2.3:h:mediatek:mt6897:-:::::::*
	cpe:2.3:h:mediatek:mt6980:-:::::::*
	cpe:2.3:h:mediatek:mt6980d:-:::::::*
	cpe:2.3:h:mediatek:mt6983:-:::::::*
	cpe:2.3:h:mediatek:mt6985:-:::::::*
	cpe:2.3:h:mediatek:mt6986:-:::::::*
	cpe:2.3:h:mediatek:mt6986d:-:::::::*
	cpe:2.3:h:mediatek:mt6989:-:::::::*
	cpe:2.3:h:mediatek:mt6990:-:::::::*
	cpe:2.3:h:mediatek:mt8666:-:::::::*
	cpe:2.3:h:mediatek:mt8667:-:::::::*
	cpe:2.3:h:mediatek:mt8673:-:::::::*
	cpe:2.3:h:mediatek:mt8675:-:::::::*
	cpe:2.3:h:mediatek:mt8676:-:::::::*
	cpe:2.3:h:mediatek:mt8765:-:::::::*
cpe:2.3:h:mediatek:mt8766:-:::::::*
cpe:2.3:h:mediatek:mt8768:-:::::::*
cpe:2.3:h:mediatek:mt8781:-:::::::*
cpe:2.3:h:mediatek:mt8786:-:::::::*
cpe:2.3:h:mediatek:mt8788:-:::::::*
cpe:2.3:h:mediatek:mt8791:-:::::::*
cpe:2.3:h:mediatek:mt8791t:-:::::::*
cpe:2.3:h:mediatek:mt8792:-:::::::*
cpe:2.3:h:mediatek:mt8796:-:::::::*
cpe:2.3:h:mediatek:mt8797:-:::::::*
cpe:2.3:h:mediatek:mt8798:-:::::::*

No data.

No data available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.02881.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://corp.mediatek.com/product-security-bulletin/April-2024

History

Wed, 23 Apr 2025 14:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Mediatek Mediatek lr12a Mediatek lr13 Mediatek mt2731 Mediatek mt2735 Mediatek mt2737 Mediatek mt3967 Mediatek mt6297 Mediatek mt6298 Mediatek mt6739 Mediatek mt6761 Mediatek mt6762 Mediatek mt6762d Mediatek mt6762m Mediatek mt6763 Mediatek mt6765 Mediatek mt6765t Mediatek mt6767 Mediatek mt6768 Mediatek mt6769 Mediatek mt6769t Mediatek mt6769z Mediatek mt6771 Mediatek mt6779 Mediatek mt6781 Mediatek mt6783 Mediatek mt6785 Mediatek mt6785t Mediatek mt6785u Mediatek mt6789 Mediatek mt6813 Mediatek mt6815 Mediatek mt6833 Mediatek mt6835 Mediatek mt6853 Mediatek mt6855 Mediatek mt6873 Mediatek mt6875 Mediatek mt6875t Mediatek mt6877 Mediatek mt6879 Mediatek mt6880 Mediatek mt6883 Mediatek mt6885 Mediatek mt6886 Mediatek mt6889 Mediatek mt6890 Mediatek mt6891 Mediatek mt6893 Mediatek mt6895 Mediatek mt6895t Mediatek mt6896 Mediatek mt6897 Mediatek mt6980 Mediatek mt6980d Mediatek mt6983 Mediatek mt6985 Mediatek mt6986 Mediatek mt6986d Mediatek mt6989 Mediatek mt6990 Mediatek mt8666 Mediatek mt8667 Mediatek mt8673 Mediatek mt8675 Mediatek mt8676 Mediatek mt8765 Mediatek mt8766 Mediatek mt8768 Mediatek mt8781 Mediatek mt8786 Mediatek mt8788 Mediatek mt8791 Mediatek mt8791t Mediatek mt8792 Mediatek mt8796 Mediatek mt8797 Mediatek mt8798 Mediatek nr15 Mediatek nr16 Mediatek nr17
CPEs		cpe:2.3:h:mediatek:mt2731:-:::::::* cpe:2.3:h:mediatek:mt2735:-:::::::* cpe:2.3:h:mediatek:mt2737:-:::::::* cpe:2.3:h:mediatek:mt3967:-:::::::* cpe:2.3:h:mediatek:mt6297:-:::::::* cpe:2.3:h:mediatek:mt6298:-:::::::* cpe:2.3:h:mediatek:mt6739:-:::::::* cpe:2.3:h:mediatek:mt6761:-:::::::* cpe:2.3:h:mediatek:mt6762:-:::::::* cpe:2.3:h:mediatek:mt6762d:-:::::::* cpe:2.3:h:mediatek:mt6762m:-:::::::* cpe:2.3:h:mediatek:mt6763:-:::::::* cpe:2.3:h:mediatek:mt6765:-:::::::* cpe:2.3:h:mediatek:mt6765t:-:::::::* cpe:2.3:h:mediatek:mt6767:-:::::::* cpe:2.3:h:mediatek:mt6768:-:::::::* cpe:2.3:h:mediatek:mt6769:-:::::::* cpe:2.3:h:mediatek:mt6769t:-:::::::* cpe:2.3:h:mediatek:mt6769z:-:::::::* cpe:2.3:h:mediatek:mt6771:-:::::::* cpe:2.3:h:mediatek:mt6779:-:::::::* cpe:2.3:h:mediatek:mt6781:-:::::::* cpe:2.3:h:mediatek:mt6783:-:::::::* cpe:2.3:h:mediatek:mt6785:-:::::::* cpe:2.3:h:mediatek:mt6785t:-:::::::* cpe:2.3:h:mediatek:mt6785u:-:::::::* cpe:2.3:h:mediatek:mt6789:-:::::::* cpe:2.3:h:mediatek:mt6813:-:::::::* cpe:2.3:h:mediatek:mt6815:-:::::::* cpe:2.3:h:mediatek:mt6833:-:::::::* cpe:2.3:h:mediatek:mt6835:-:::::::* cpe:2.3:h:mediatek:mt6853:-:::::::* cpe:2.3:h:mediatek:mt6855:-:::::::* cpe:2.3:h:mediatek:mt6873:-:::::::* cpe:2.3:h:mediatek:mt6875:-:::::::* cpe:2.3:h:mediatek:mt6875t:-:::::::* cpe:2.3:h:mediatek:mt6877:-:::::::* cpe:2.3:h:mediatek:mt6879:-:::::::* cpe:2.3:h:mediatek:mt6880:-:::::::* cpe:2.3:h:mediatek:mt6883:-:::::::* cpe:2.3:h:mediatek:mt6885:-:::::::* cpe:2.3:h:mediatek:mt6886:-:::::::* cpe:2.3:h:mediatek:mt6889:-:::::::* cpe:2.3:h:mediatek:mt6890:-:::::::* cpe:2.3:h:mediatek:mt6891:-:::::::* cpe:2.3:h:mediatek:mt6893:-:::::::* cpe:2.3:h:mediatek:mt6895:-:::::::* cpe:2.3:h:mediatek:mt6895t:-:::::::* cpe:2.3:h:mediatek:mt6896:-:::::::* cpe:2.3:h:mediatek:mt6897:-:::::::* cpe:2.3:h:mediatek:mt6980:-:::::::* cpe:2.3:h:mediatek:mt6980d:-:::::::* cpe:2.3:h:mediatek:mt6983:-:::::::* cpe:2.3:h:mediatek:mt6985:-:::::::* cpe:2.3:h:mediatek:mt6986:-:::::::* cpe:2.3:h:mediatek:mt6986d:-:::::::* cpe:2.3:h:mediatek:mt6989:-:::::::* cpe:2.3:h:mediatek:mt6990:-:::::::* cpe:2.3:h:mediatek:mt8666:-:::::::* cpe:2.3:h:mediatek:mt8667:-:::::::* cpe:2.3:h:mediatek:mt8673:-:::::::* cpe:2.3:h:mediatek:mt8675:-:::::::* cpe:2.3:h:mediatek:mt8676:-:::::::* cpe:2.3:h:mediatek:mt8765:-:::::::* cpe:2.3:h:mediatek:mt8766:-:::::::* cpe:2.3:h:mediatek:mt8768:-:::::::* cpe:2.3:h:mediatek:mt8781:-:::::::* cpe:2.3:h:mediatek:mt8786:-:::::::* cpe:2.3:h:mediatek:mt8788:-:::::::* cpe:2.3:h:mediatek:mt8791:-:::::::* cpe:2.3:h:mediatek:mt8791t:-:::::::* cpe:2.3:h:mediatek:mt8792:-:::::::* cpe:2.3:h:mediatek:mt8796:-:::::::* cpe:2.3:h:mediatek:mt8797:-:::::::* cpe:2.3:h:mediatek:mt8798:-:::::::* cpe:2.3:o:mediatek:lr12a:-:::::::* cpe:2.3:o:mediatek:lr13:-:::::::* cpe:2.3:o:mediatek:nr15:-:::::::* cpe:2.3:o:mediatek:nr16:-:::::::* cpe:2.3:o:mediatek:nr17:-:::::::*
Vendors & Products		Mediatek Mediatek lr12a Mediatek lr13 Mediatek mt2731 Mediatek mt2735 Mediatek mt2737 Mediatek mt3967 Mediatek mt6297 Mediatek mt6298 Mediatek mt6739 Mediatek mt6761 Mediatek mt6762 Mediatek mt6762d Mediatek mt6762m Mediatek mt6763 Mediatek mt6765 Mediatek mt6765t Mediatek mt6767 Mediatek mt6768 Mediatek mt6769 Mediatek mt6769t Mediatek mt6769z Mediatek mt6771 Mediatek mt6779 Mediatek mt6781 Mediatek mt6783 Mediatek mt6785 Mediatek mt6785t Mediatek mt6785u Mediatek mt6789 Mediatek mt6813 Mediatek mt6815 Mediatek mt6833 Mediatek mt6835 Mediatek mt6853 Mediatek mt6855 Mediatek mt6873 Mediatek mt6875 Mediatek mt6875t Mediatek mt6877 Mediatek mt6879 Mediatek mt6880 Mediatek mt6883 Mediatek mt6885 Mediatek mt6886 Mediatek mt6889 Mediatek mt6890 Mediatek mt6891 Mediatek mt6893 Mediatek mt6895 Mediatek mt6895t Mediatek mt6896 Mediatek mt6897 Mediatek mt6980 Mediatek mt6980d Mediatek mt6983 Mediatek mt6985 Mediatek mt6986 Mediatek mt6986d Mediatek mt6989 Mediatek mt6990 Mediatek mt8666 Mediatek mt8667 Mediatek mt8673 Mediatek mt8675 Mediatek mt8676 Mediatek mt8765 Mediatek mt8766 Mediatek mt8768 Mediatek mt8781 Mediatek mt8786 Mediatek mt8788 Mediatek mt8791 Mediatek mt8791t Mediatek mt8792 Mediatek mt8796 Mediatek mt8797 Mediatek mt8798 Mediatek nr15 Mediatek nr16 Mediatek nr17

Subscriptions

Mediatek Lr12a Lr13 Mt2731 Mt2735 Mt2737 Mt3967 Mt6297 Mt6298 Mt6739 Mt6761 Mt6762 Mt6762d Mt6762m Mt6763 Mt6765 Mt6765t Mt6767 Mt6768 Mt6769 Mt6769t Mt6769z Mt6771 Mt6779 Mt6781 Mt6783 Mt6785 Mt6785t Mt6785u Mt6789 Mt6813 Mt6815 Mt6833 Mt6835 Mt6853 Mt6855 Mt6873 Mt6875 Mt6875t Mt6877 Mt6879 Mt6880 Mt6883 Mt6885 Mt6886 Mt6889 Mt6890 Mt6891 Mt6893 Mt6895 Mt6895t Mt6896 Mt6897 Mt6980 Mt6980d Mt6983 Mt6985 Mt6986 Mt6986d Mt6989 Mt6990 Mt8666 Mt8667 Mt8673 Mt8675 Mt8676 Mt8765 Mt8766 Mt8768 Mt8781 Mt8786 Mt8788 Mt8791 Mt8791t Mt8792 Mt8796 Mt8797 Mt8798 Nr15 Nr16 Nr17

MITRE

Status: PUBLISHED

Assigner: MediaTek

Published: 2024-04-01T02:34:49.330Z

Updated: 2024-08-01T21:52:31.735Z

Reserved: 2023-11-02T13:35:35.153Z

Link: CVE-2024-20039

Vulnrichment

Updated: 2024-08-01T21:52:31.735Z

NVD

Status : Analyzed

Published: 2024-04-01T03:15:07.780

Modified: 2025-04-23T13:48:41.747

Link: CVE-2024-20039

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-787

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object