CVE-2024-20147

MEDIUM

Bluetooth FW - DoS

Title source: llm

Description

In Bluetooth FW, there is a possible reachable assertion due to improper exception handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389046 (Note: For MT79XX chipsets) / ALPS09136501 (Note: For MT2737, MT3603, MT6XXX, and MT8XXX chipsets); Issue ID: MSV-1797.

References (1)

[Vendor Advisory] https://corp.mediatek.com/product-security-bulletin/February-2025

Scores

CVSS v3 5.3

EPSS 0.0221

EPSS Percentile 84.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-617

Status published

Products (8)

google/android 13.0

google/android 14.0

google/android 15.0

linuxfoundation/yocto 3.3

linuxfoundation/yocto 4.0

linuxfoundation/yocto 5.0

mediatek/software_development_kit < 3.5

openwrt/openwrt 23.05

Published Feb 03, 2025

Tracked Since Feb 18, 2026