CVE-2024-20153
Published: 06 January 2025
Description
In wlan STA, there is a possible way to trick a client to connect to an AP with spoofed SSID. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08990446 / ALPS09057442; Issue ID: MSV-1598.
Security Summary
CVE-2024-20153 is a vulnerability in the wlan STA component that allows attackers to trick a client device into connecting to an access point (AP) with a spoofed SSID. This flaw enables remote information disclosure without requiring additional execution privileges. The issue is tracked under Issue ID MSV-1598 and affects MediaTek products, as indicated by the associated patch IDs ALPS08990446 and ALPS09057442. It has a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) and is associated with CWE-304 (Missing Critical Step).
The attack scenario involves a remote, unauthenticated attacker with network access who can exploit the vulnerability with low complexity and no user interaction required. By spoofing an SSID, the attacker can lure the client into connecting to a malicious AP, resulting in the disclosure of sensitive information from the affected device.
MediaTek's January 2025 Product Security Bulletin provides details on the vulnerability and recommends applying the patches ALPS08990446 or ALPS09057442 to mitigate the issue. Security practitioners should check the bulletin at https://corp.mediatek.com/product-security-bulletin/January-2025 for affected products and remediation guidance.
Details
- CWE(s)