CVE-2024-20137

HIGH

Wlan Driver - DoS

Title source: llm

Description

In wlan driver, there is a possible client disconnection due to improper handling of exceptional conditions. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00384543; Issue ID: MSV-1727.

Exploits (1)

nomisec WORKING POC 1 stars

by takistmr · poc

https://github.com/takistmr/CVE-2024-20137

View Code ZIP pw:eip

References (1)

[Various Sources] https://corp.mediatek.com/product-security-bulletin/December-2024

Scores

CVSS v3 7.5

EPSS 0.1007

EPSS Percentile 93.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-248

Status published

Products (1)

MediaTek, Inc./MT6890, MT7622, MT7915, MT7916, MT7981, MT7986 SDK release 7.4.0.1 (MT7915) and 7.6.7.2 (MT7916, MT798X) and before

Published Dec 02, 2024

Tracked Since Feb 18, 2026