CVE-2024-20094

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Oct 7, 2024
CWE ID 617

Summary

CVE-2024-20094 is a vulnerability in certain Mediatek modem products, identified by a missing bounds check that could lead to remote denial of service without requiring user interaction or additional execution privileges. The affected products include various models such as wsdzGb, x-PImR, and others. This vulnerability has been rated with a high severity score of 7.5, indicating a significant risk to availability due to its low attack complexity and network exploitability. To remediate the issue, users should apply the relevant patch identified as MOLY00843282. Organizations should be aware that this flaw can lead to system crashes, potentially disrupting services.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share