Vulnerability
CVE-2024-20070
Component: CELLULAR
Location: FIRMWARE
In modem, there is a possible information disclosure due to using risky cryptographic algorithm during connection establishment negotiation. This could lead to remote information disclosure, when weak encryption algorithm is used, with no additional execution privileges needed. User interaction is not needed for exploitation.
Impact
Severity (Manufact.)
MEDIUM
Severity (NIST)
N/A
Severity (Android)
N/A
Chipsets
31
Devices
284
Affected Hardware
| Name | Also known as | Manufacturer |
|---|---|---|
| MT6833 | Dimensity 6020 Dimensity 700 | MediaTek |
| MT6873 | Dimensity 800 | MediaTek |
| MT6833 | Dimensity 6080 Dimensity 810 | MediaTek |
| MT6875 | Dimensity 820 | MediaTek |
| MT6877 | Dimensity 900 | MediaTek |
| MT6877 | Dimensity 920 | MediaTek |
| MT6855 | Dimensity 930 | MediaTek |
| MT6889 | Dimensity 1000 | MediaTek |
| MT6879 | Dimensity 1050 | MediaTek |
| MT6877 | Dimensity 1080 Dimensity 7050 _T | MediaTek |
31 of 31 row(s) shown.
Rows per page
Page 1 of 4
Information reliability
The information on this website is intended to provide information on the big picture of chipset security and measure trends within the industry. Our information is obtained from several vantage points, checked for consistency, and automatically cross-referenced. However, this process may not always yield reliable information. Do not use the information on a particular vulnerability, chipset or device to verify your individual exposure in cases where inaccuracies are inacceptable, for instance to assess risks if you are a Politically Exposed Person.
Timeline
Introduced (est):
Jan 1, 2020
Reported:
Unknown
Advisory Published:
Jun 3, 2024
CVE Published:
N/A
Android Patch Level:
None
