Nr16
CVE-2024-20066
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
In modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01267281; Issue ID: MSV-1477.
AnalysisAI
In modem, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Out-of-bounds Write (CWE-787), which allows attackers to write data beyond allocated buffer boundaries leading to code execution or crashes. In modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01267281; Issue ID: MSV-1477. Affected products include: Mediatek Nr16, Mediatek Nr17.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate write boundaries, use memory-safe languages, enable compiler protections (ASLR, stack canaries).
In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. Rated critical severity (CVSS
In Modem, there is a possible memory corruption due to a missing bounds check. Rated critical severity (CVSS 9.8), this
In modem, there is a possible out of bounds write due to improper input invalidation. Rated critical severity (CVSS 9.8)
In CDMA PPP protocol, there is a possible out of bounds write due to a missing bounds check. Rated critical severity (CV
In Modem 2G RR, there is a possible out of bounds write due to a missing bounds check. Rated critical severity (CVSS 9.8
In Modem 2G/3G CC, there is a possible out of bounds write due to a missing bounds check. Rated critical severity (CVSS
In modem protocol, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 8.8)
In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 7
In Modem IMS Stack, there is a possible system crash due to a missing bounds check. Rated high severity (CVSS 7.5), this
In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 7.
In Modem, there is a possible information disclosure due to incorrect error handling. Rated high severity (CVSS 7.5), th
In modem EMM, there is a possible system crash due to improper input validation. Rated high severity (CVSS 7.5), this vu
Same weakness CWE-787 – Out-of-bounds Write
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today