Reachable Assertion in MediaTek products - CVE-2024-20152
Published: January 6, 2025
Vulnerability identifier: #VU102351
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2024-20152
CWE-ID: CWE-617
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: MediaTek
Affected software:
MT2737
MT3603
MT6835
MT6878
MT6886
MT6897
MT6990
MT7902
MT7920
MT7922
MT8532
MT8755
MT8766
MT8768
MT8775
MT8781
MT8796
MT8798
MT8893
MT8518S
MT2737
MT3603
MT6835
MT6878
MT6886
MT6897
MT6990
MT7902
MT7920
MT7922
MT8532
MT8755
MT8766
MT8768
MT8775
MT8781
MT8796
MT8798
MT8893
MT8518S
Detailed vulnerability description
The vulnerability allows a local application to perform service disruption.
The vulnerability exists due to improper exception handling within wlan. A local application can perform service disruption.
How to mitigate CVE-2024-20152
Install security update from vendor's website.