Critical RCE Flaw in MediaTek Chipsets Impacts Millions

Summary: MediaTek’s January 2025 Product Security Bulletin reveals multiple security vulnerabilities across its chipsets, including a critical flaw that could allow remote code execution. The bulletin emphasizes the importance of applying security patches to mitigate these risks.

Threat Actor: Unknown | unknown
Victim: MediaTek | MediaTek

Key Point :

Critical vulnerability CVE-2024-20154 allows remote code execution via rogue base stations.
Over 40 MediaTek models are affected by this stack overflow flaw.
High-severity vulnerabilities could lead to local privilege escalation and unauthorized access.
MediaTek has issued security patches and advised users to update their devices promptly.

Source: https://securityonline.info/cve-2024-20154-critical-rce-flaw-in-mediatek-chipsets-impacts-millions/

Tags: CVE, VULNERABILITY, IOT, PRIVILEGE