CVE-2024-20153

CVE-2024-20153

Vendor Mediatek, Inc.
Product MT2737, MT6989, MT6991, MT7925, MT8365, MT8518S, MT8532, MT8666, MT8667, MT8673, MT8676, MT8678, MT8755, MT8766, MT8768, MT8775, MT8781, MT8786, MT8788, MT8796, MT8798, MT8893
Weakness CWE-304
Published January 6, 2025
Last update January 6, 2025

CVSS base score

What the vulnerability does

01Description

In wlan STA, there is a possible way to trick a client to connect to an AP with spoofed SSID. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08990446 / ALPS09057442; Issue ID: MSV-1598.

Key dates

02Disclosure timeline

January 6, 2025 CVE published
January 6, 2025 Record updated