CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2024-20138
https://notcve.org/view.php?id=CVE-2024-20138
02 Dec 2024 — In wlan driver, there is a possible out of bound read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998291; Issue ID: MSV-1604. • https://corp.mediatek.com/product-security-bulletin/December-2024 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 47EXPL: 0CVE-2024-20040
https://notcve.org/view.php?id=CVE-2024-20040
01 Apr 2024 — In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08360153 (for MT6XXX chipsets) / WCNCR00363530 (for MT79XX chipsets); Issue ID: MSV-979. En el firmware WLAN, existe una posible escritura fuera de los límites debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/April-2024 •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2024-20019
https://notcve.org/view.php?id=CVE-2024-20019
04 Mar 2024 — In wlan driver, there is a possible memory leak due to improper input handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00351241; Issue ID: MSV-1173. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •