HIGH🇵🇱 Wersja polska

CVE-2024-20153

CVSS 7.5v3.1pub. 2025-01-06upd. 2026-01-12

In wlan STA, there is a possible way to trick a client to connect to an AP with spoofed SSID. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08990446 / ALPS09057442; Issue ID: MSV-1598.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Google Android

    OS
    Google
    14.015.0
  • Linuxfoundation Yocto

    APP
    Linuxfoundation
    3.34.05.0
  • Mediatek Mt2737

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Mt6989

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Mt6991

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Mt7925

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Mt8365

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Mt8518s

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Mt8532

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Mt8666

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Mt8667

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Mt8673

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Mt8676

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Mt8678

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Mt8755

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Mt8766

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Mt8768

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Mt8775

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Mt8781

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Mt8786

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Mt8788

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Mt8796

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Mt8798

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Mt8893

    HW
    Mediatek
    wszystkie wersje
  • Mediatek Software Development Kit

    APP
    Mediatek
    ≤ 3.5
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2020-16010CRITICAL9.6⚠ KEVten sam produkt

Heap buffer overflow in UI in Google Chrome on Android prior to 86.0.4240.185 allowed a remote attacker who ha...

CVE-2016-1019CRITICAL9.8⚠ KEVten sam produkt

Adobe Flash Player 21.0.0.197 and earlier allows remote attackers to cause a denial of service (application cr...

CVE-2026-13851CRITICAL9.1ten sam produkt

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.4...

CVE-2026-13852CRITICAL9.1ten sam produkt

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.4...

CVE-2026-14106CRITICAL9.6ten sam produkt

Insufficient validation of untrusted input in Text in Google Chrome on Android prior to 150.0.7871.47 allowed ...