Sign-up

ID

VAR-202407-1709


CVE

CVE-2024-20077


TITLE

media tech's  LR12A  Buffer error vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2024-024310

DESCRIPTION

In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01297807; Issue ID: MSV-1482. media tech's LR12A Exists in a buffer error vulnerability.Service operation interruption (DoS) It may be in a state

Trust: 1.62

sources: NVD: CVE-2024-20077 // JVNDB: JVNDB-2024-024310

AFFECTED PRODUCTS

vendor:mediatekmodel:lr12ascope:eqversion: -

Trust: 1.0

vendor:メディアテックmodel:lr12ascope: - version: -

Trust: 0.8

vendor:メディアテックmodel:lr12ascope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2024-024310 // NVD: CVE-2024-20077

CVSS

SEVERITY

CVSSV2

CVSSV3

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2024-20077
value: HIGH

Trust: 1.0

OTHER: JVNDB-2024-024310
value: HIGH

Trust: 0.8

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2024-20077
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

OTHER: JVNDB-2024-024310
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2024-024310 // NVD: CVE-2024-20077

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.0

problemtype:Buffer error (CWE-119) [ others ]

Trust: 0.8

problemtype: Buffer error (CWE-119) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2024-024310 // NVD: CVE-2024-20077

EXTERNAL IDS

db:NVDid:CVE-2024-20077

Trust: 2.6

db:JVNDBid:JVNDB-2024-024310

Trust: 0.8

sources: JVNDB: JVNDB-2024-024310 // NVD: CVE-2024-20077

REFERENCES

url:https://corp.mediatek.com/product-security-bulletin/july-2024

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2024-20077

Trust: 0.8

sources: JVNDB: JVNDB-2024-024310 // NVD: CVE-2024-20077

SOURCES

db:JVNDBid:JVNDB-2024-024310
db:NVDid:CVE-2024-20077

LAST UPDATE DATE

2025-05-30T23:10:40.843000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2024-024310date:2025-05-29T02:36:00
db:NVDid:CVE-2024-20077date:2025-05-28T20:12:30.680

SOURCES RELEASE DATE

db:JVNDBid:JVNDB-2024-024310date:2025-05-29T00:00:00
db:NVDid:CVE-2024-20077date:2024-07-01T05:15:04.133