Description

In wlan driver, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00364733; Issue ID: MSV-1331.

Related CPE's

a

mediatek

software_development_kit

Vulnerable

o

openwrt

openwrt

3

h

mediatek

mt6890

-

h

mediatek

mt6990

-

h

mediatek

mt7622

-

References

https://corp.mediatek.com/product-security-bulletin/June-2024

Vendor Advisory

https://corp.mediatek.com/product-security-bulletin/June-2024

Vendor Advisory

Weaknesses

[email protected]

Secondary
CWE-125

[email protected]

Primary
CWE-125

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

4.4 · Medium

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2024-06-03T00:15:09.220Z

1 year ago

Last modified

2025-04-25T16:38:10.847Z

11 months ago