More information about this CVE will likely be available in a few days

Description

In modem, there is a possible selection of less-secure algorithm during the VoWiFi IKE due to a missing DH downgrade check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01286330; Issue ID: MSV-1430.

Related CPE's

Could not find any relations

References

https://corp.mediatek.com/product-security-bulletin/June-2024

Weaknesses

[email protected]

Secondary
CWE-757

CVSS impact metrics

Could not find any metrics

Information

Source identifier

[email protected]

Vulnerability status

Awaiting analysis

Published

2024-06-03T02:15:08.977

1 month ago

Last modified

2024-06-06T03:15:08.747

1 month ago