{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-20137","assignerOrgId":"ee979b05-11f8-4f25-a7e0-a1fa9c190374","state":"PUBLISHED","assignerShortName":"MediaTek","dateReserved":"2023-11-02T13:35:35.183Z","datePublished":"2024-12-02T03:07:11.803Z","dateUpdated":"2024-12-02T15:48:25.247Z"},"containers":{"cna":{"providerMetadata":{"orgId":"ee979b05-11f8-4f25-a7e0-a1fa9c190374","shortName":"MediaTek","dateUpdated":"2024-12-02T03:07:11.803Z"},"descriptions":[{"lang":"en","value":"In wlan driver, there is a possible client disconnection due to improper handling of exceptional conditions. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00384543; Issue ID: MSV-1727."}],"affected":[{"vendor":"MediaTek, Inc.","product":"MT6890, MT7622, MT7915, MT7916, MT7981, MT7986","versions":[{"version":"SDK release 7.4.0.1 (MT7915) and 7.6.7.2 (MT7916, MT798X) and before","status":"affected"}]}],"references":[{"url":"https://corp.mediatek.com/product-security-bulletin/December-2024"}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","cweId":"CWE-248","description":"CWE-248 Uncaught Exception"}]}]},"adp":[{"affected":[{"vendor":"mediatek","product":"mt6890","cpes":["cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"*","versionType":"custom"}]},{"vendor":"mediatek","product":"mt7622","cpes":["cpe:2.3:h:mediatek:mt7622:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"*","versionType":"custom"}]},{"vendor":"mediatek","product":"mt7915","cpes":["cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"*","versionType":"custom"}]},{"vendor":"mediatek","product":"mt7916","cpes":["cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"*","versionType":"custom"}]},{"vendor":"mediatek","product":"mt7981","cpes":["cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"*","versionType":"custom"}]},{"vendor":"mediatek","product":"mt7986","cpes":["cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThanOrEqual":"*","versionType":"custom"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":7.5,"attackVector":"NETWORK","baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","integrityImpact":"NONE","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"NONE","confidentialityImpact":"NONE"}},{"other":{"type":"ssvc","content":{"timestamp":"2024-12-02T15:48:07.775098Z","id":"CVE-2024-20137","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-12-02T15:48:25.247Z"}}]}}