mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-06-01 11:11:27 +00:00
243 lines
8.9 KiB
JSON
243 lines
8.9 KiB
JSON
{
|
|
"id": "CVE-2024-20147",
|
|
"sourceIdentifier": "security@mediatek.com",
|
|
"published": "2025-02-03T04:15:07.927",
|
|
"lastModified": "2025-04-22T13:50:37.573",
|
|
"vulnStatus": "Analyzed",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "In Bluetooth FW, there is a possible reachable assertion due to improper exception handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389046 (Note: For MT79XX chipsets) / ALPS09136501 (Note: For MT2737, MT3603, MT6XXX, and MT8XXX chipsets); Issue ID: MSV-1797."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "En Bluetooth FW, existe una posible afirmaci\u00f3n de accesibilidad debido a una gesti\u00f3n inadecuada de excepciones. Esto podr\u00eda provocar una denegaci\u00f3n de servicio remota sin necesidad de privilegios de ejecuci\u00f3n adicionales. No se necesita interacci\u00f3n del usuario para la explotaci\u00f3n. ID de parche: WCNCR00389046 (Nota: para conjuntos de chips MT79XX) / ALPS09136501 (Nota: para conjuntos de chips MT2737, MT3603, MT6XXX y MT8XXX); ID de problema: MSV-1797."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
|
|
"type": "Secondary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
|
|
"baseScore": 5.3,
|
|
"baseSeverity": "MEDIUM",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "LOW",
|
|
"availabilityImpact": "NONE"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 1.4
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "security@mediatek.com",
|
|
"type": "Secondary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-617"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
|
|
"type": "Secondary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-617"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:linuxfoundation:yocto:3.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2385F2C9-3EA1-424B-AB8D-A672BF1CBE56"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:linuxfoundation:yocto:4.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "437D8F9D-67DF-47A5-9C96-5B51D1562951"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:linuxfoundation:yocto:5.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "067BC2E4-D44D-4817-861C-8596A497E183"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mediatek:software_development_kit:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "3.5",
|
|
"matchCriteriaId": "478606CD-9678-4C35-A0E4-DC973B04D76A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8538774C-906D-4B03-A3E7-FA7A55E0DA9E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:openwrt:openwrt:23.05:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AED95D06-8EC6-4070-BE3C-E0F851D7FFC1"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:mediatek:mt2737:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9C2A1118-B5F7-4EF5-B329-0887B5F3430E"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:mediatek:mt3603:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BE21866A-505E-4526-A346-60C97DCE080B"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:mediatek:mt6835:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "19A63103-C708-48EC-B44D-5E465A6B79C5"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:mediatek:mt6878:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "855A8046-34ED-4891-ACE5-76AB10AC8D53"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:mediatek:mt6886:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AF3E2B84-DAFE-4E11-B23B-026F719475F5"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:mediatek:mt6897:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2A7D8055-F4B6-41EE-A078-11D56285AB66"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:mediatek:mt6989:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AD7DE6B2-66D9-4A3E-B15F-D56505559255"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:mediatek:mt6990:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1A76806D-A4E3-466A-90CB-E9FFE478E7A0"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:mediatek:mt7902:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "91DEA745-47A8-43F1-A1B2-F53F651A99EF"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:mediatek:mt7920:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "140DAC08-96E9-47D3-BC2E-65E999DCFD50"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:mediatek:mt7921:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "32AFEA0A-FFE2-4EA9-8B51-7E3E75DE65CC"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:mediatek:mt7922:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EA2A6813-7138-441E-A9E4-FF62FCBD797A"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:mediatek:mt7925:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "27CFC9DF-2F4C-469A-8A19-A260B1134CFE"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:mediatek:mt7927:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "05525018-AFE0-415C-A71C-A77922C7D637"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:mediatek:mt8195:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "ED210E64-6CE7-42B1-849E-68C0E22521F6"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:mediatek:mt8370:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DA2B6BB9-7544-41A7-BF3A-344AA4CC4B31"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:mediatek:mt8390:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B774B7D7-B7DD-43A0-833F-7E39DF82CA60"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:mediatek:mt8395:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D98FBE1C-D57B-49D9-9C4E-8A133A0C1C89"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:mediatek:mt8518s:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6069CD03-6AB1-4A06-88CF-EFBDEA84CDE2"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:mediatek:mt8532:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EE18D5C2-0423-4CE5-86E7-69E7BB131BBF"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:mediatek:mt8678:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "152A5F3D-8004-4649-BDB1-E6F0798AF1CB"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://corp.mediatek.com/product-security-bulletin/February-2025",
|
|
"source": "security@mediatek.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |