CVE-2024-20148

Critical

Published: 06 January 2025

Published

06 January 2025

Modified

22 April 2025

KEV Added

—

Patch

—

CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0010 27.7th percentile

Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Description

In wlan STA FW, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389045 / ALPS09136494; Issue ID: MSV-1796.

Security Summary

CVE-2024-20148 is an out-of-bounds write vulnerability in the WLAN Station (STA) firmware due to improper input validation, tracked under CWE-787. It affects the WLAN STA firmware component, as detailed in MediaTek's product security bulletin. The issue carries a CVSS v3.1 base score of 9.8 (Critical), with vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating high confidentiality, integrity, and availability impacts.

The vulnerability enables remote proximal or adjacent code execution without requiring additional privileges or user interaction. Attackers in network proximity can exploit it over the air via crafted wireless packets, potentially compromising the affected device at the firmware level.

MediaTek's January 2025 product security bulletin provides mitigation details, including Patch ID WCNCR00389045 and ALPS09136494, associated with Issue ID MSV-1796. Security practitioners should apply these patches to vulnerable WLAN STA firmware implementations.

Details

CWE(s): CWE-787

Affected Products

linuxfoundation

yocto

3.3, 4.0, 5.0

mediatek

software development kit

≤ 2.4

google

android

13.0, 14.0, 15.0

References

https://corp.mediatek.com/product-security-bulletin/January-2025
Vendor Advisory · security@mediatek.com