CVE-2024-20154: Critical RCE Flaw in MediaTek Chipsets Impacts Millions

MediaTek has released its January 2025 Product Security Bulletin, addressing a range of security vulnerabilities affecting its various chipsets. The bulletin details flaws found in products ranging from smartphones and tablets to IoT devices and smart TVs.

The bulletin’s most severe vulnerability, CVE-2024-20154, is a stack overflow flaw in MediaTek’s modem firmware. Classified as a Critical Remote Code Execution (RCE) vulnerability with a CWE-121 designation, it can be exploited by connecting a User Equipment (UE) device to a rogue base station controlled by an attacker. No user interaction or elevated privileges are required for exploitation. This flaw affects over 40 models, including MT2735, MT6767, MT6785, MT6873, and MT6880.

The bulletin also highlights several high-severity vulnerabilities, including out-of-bounds write vulnerabilities in power management (CVE-2024-20140) and the Digital Audio subsystem (CVE-2024-20143, CVE-2024-20144, CVE-2024-20145). These vulnerabilities could lead to local privilege escalation, potentially allowing attackers to gain unauthorized access to sensitive data or system functionalities.

Other vulnerabilities addressed include issues in the WLAN driver (CVE-2024-20146, CVE-2024-20148) that could lead to remote code execution and an out-of-bounds write vulnerability in the M4U subsystem (CVE-2024-20105) that could allow for local privilege escalation.

MediaTek has notified device manufacturers (OEMs) about these vulnerabilities and provided corresponding security patches. Users are strongly encouraged to check for updates from their device manufacturers and apply them as soon as possible to mitigate these security risks.

Leave a Reply Cancel reply

Website

Related Posts:

Leave a Reply Cancel reply