Vulnerabilities > CVE-2024-20066 - Out-of-bounds Write vulnerability in Mediatek Nr16 and Nr17

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

mediatek

CWE-787

NVD

Published: 2024-06-03

Updated: 2025-02-03

Summary

In modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01267281; Issue ID: MSV-1477.

Vulnerable Configurations

Part	Description	Count
OS	Mediatek Mediatek Nr16 - Mediatek Nr17 -	2
Hardware	Mediatek Mediatek Mt6298 - Mediatek Mt6813 - Mediatek Mt6815 - Mediatek Mt6835 - Mediatek Mt6878 - Mediatek Mt6879 - Mediatek Mt6895 - Mediatek Mt6895T - Mediatek Mt6896 - Mediatek Mt6897 - Mediatek Mt6899 - Mediatek Mt6980 - Mediatek Mt6980D - Mediatek Mt6983 - Mediatek Mt6986 - Mediatek Mt6986D - Mediatek Mt6990 - Mediatek Mt6991 - Mediatek Mt8673 - Mediatek Mt8792 - Mediatek Mt8798 -	21

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References