Techly NewsGet the app

Get the latest tech news

Critical Exploit in MediaTek Wi-Fi Chipsets: Zero-Click Vulnerability


A detailed breakdown of Microsoft's Security Bulletin Coverage for June 2024.

CVE-2024-20017 is a critical zero-click vulnerability with a CVSS 3.0 score of 9.8, impacting MediaTek Wi-Fi chipsets MT7622/MT7915 and RTxxxx SoftAP driver bundles used in products from various manufacturers, including Ubiquiti, Xiaomi and Netgear. Ultimately, the vulnerability is a buffer overflow as a result of a length value taken directly from attacker-controlled packet data without bounds checking and placed into a memory copy. Due to the availability of the exploit code, it is highly recommended that users upgrade to the latest version of the firmware for their respective chipset.

Get the Android app

Or read this on Hacker News

Read more on:

Photo of vulnerability

vulnerability

Photo of critical exploit

critical exploit

Photo of fi chipsets

fi chipsets

Related news:

News photo

Vulnerability in Microsoft apps allowed hackers to spy on Mac users

News photo

Vulnerability Allowed Eavesdropping via Sonos Smart Speakers

News photo

Ransomware gangs are loving this dumb but deadly make-me-admin ESXi vulnerability

« AMD Releases ROCm 6.2.1 With FBGEMM Support, Installation Improvements
Qualcomm reportedly approached Intel about a takeover. Analysts say they could face political scrutiny and 'little overlap.' »