Vulnerability Details CVE-2024-20153
In wlan STA, there is a possible way to trick a client to connect to an AP with spoofed SSID. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08990446 / ALPS09057442; Issue ID: MSV-1598.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 36.4%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2024-20153
-
cpe:2.3:a:linuxfoundation:yocto:3.3
-
cpe:2.3:a:linuxfoundation:yocto:4.0
-
cpe:2.3:a:linuxfoundation:yocto:5.0
-
cpe:2.3:a:mediatek:software_development_kit:2.4
-
cpe:2.3:a:mediatek:software_development_kit:2.5
-
cpe:2.3:a:mediatek:software_development_kit:3.3
-
cpe:2.3:a:mediatek:software_development_kit:3.5
-
cpe:2.3:h:mediatek:mt2737:-
-
cpe:2.3:h:mediatek:mt6989:-
-
cpe:2.3:h:mediatek:mt6991:-
-
cpe:2.3:h:mediatek:mt7925:-
-
cpe:2.3:h:mediatek:mt8365:-
-
cpe:2.3:h:mediatek:mt8518s:-
-
cpe:2.3:h:mediatek:mt8532:-
-
cpe:2.3:h:mediatek:mt8666:-
-
cpe:2.3:h:mediatek:mt8667:-
-
cpe:2.3:h:mediatek:mt8673:-
-
cpe:2.3:h:mediatek:mt8676:-
-
cpe:2.3:h:mediatek:mt8678:-
-
cpe:2.3:h:mediatek:mt8755:-
-
cpe:2.3:h:mediatek:mt8766:-
-
cpe:2.3:h:mediatek:mt8768:-
-
cpe:2.3:h:mediatek:mt8775:-
-
cpe:2.3:h:mediatek:mt8781:-
-
cpe:2.3:h:mediatek:mt8786:-
-
cpe:2.3:h:mediatek:mt8788:-
-
cpe:2.3:h:mediatek:mt8796:-
-
cpe:2.3:h:mediatek:mt8798:-
-
cpe:2.3:h:mediatek:mt8893:-
-
cpe:2.3:o:google:android:14.0
-
cpe:2.3:o:google:android:15.0