Cyber Resilience

CVE-2024-20150

High · RCE

Published: 06 January 2025

Modified: 22 April 2025
KEV Added: not listed
Patch: MOLY01412526
CVSS v3.1 Score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
EPSS Score: 0.0736 (91.9th percentile)
Risk Priority: 19 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-20150 is a high-severity Deserialization of Untrusted Data (CWE-502) vulnerability in Mediatek Lr12A. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004). The CVE ranks in the top 8.1% of CVEs by exploit likelihood (EPSS), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SI-10 (Information Input Validation).

Deeper analysis

In Modem components from MediaTek, a logic error can trigger a system crash, resulting in remote denial of service. The flaw is tracked as CVE-2024-20150 with a CVSS score of 7.5 and is associated with CWE-502; it requires no user interaction or elevated privileges for exploitation and is addressed via patch ID MOLY01412526.

An unauthenticated remote attacker can send crafted input over the network to induce the crash, disrupting service availability on affected devices without gaining code execution or accessing sensitive data.

The MediaTek January 2025 security bulletin lists the corresponding Issue ID MSV-2018 and directs vendors to apply the referenced patch for remediation.

EPSS scores remain low, with a current value of 0.0736 and a peak of 0.0934, indicating limited observed exploitation interest to date.

Vulnerability details

In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01412526; Issue ID: MSV-2018.

CWE(s)

CWE-502: Deserialization of Untrusted Data

Related Threats

MITRE ATT&CK Enterprise Techniques

T1499.004 Application or System Exploitation (Impact)
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

Remote unauthenticated network exploitation of the modem logic error directly enables application/system crash for availability impact, matching T1499.004 (Application or System Exploitation) under Endpoint Denial of Service.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-20149 (same product: Mediatek Lr13)
CVE-2026-20434 (same product: Mediatek Lr12A)
CVE-2026-20401 (same product: Mediatek Mt2735)
CVE-2025-20727 (same product: Mediatek Lr12A)
CVE-2024-20154 (same product: Mediatek Lr12A)
CVE-2025-20708 (same product: Mediatek Mt2735)
CVE-2025-20637 (same vendor: Mediatek)
CVE-2025-20634 (same product: Mediatek Mt2737)
CVE-2026-20433 (same product: Mediatek Mt2735)
CVE-2026-20432 (same product: Mediatek Mt2735)

Affected Assets

mediatek lr12a: all versions
mediatek lr13: all versions
mediatek nr15: all versions
mediatek nr16: all versions
mediatek nr17: all versions

Mitigating Controls (NIST 800-53 r5)

Control (prevent): Directly requires timely remediation of known flaws like this modem logic error via patches such as MOLY01412526 to prevent remote DoS exploitation.

SC-5 Denial-of-service Protection (prevent): Implements protections specifically against denial-of-service attacks that cause system crashes from remote network access to the vulnerable modem component.

SI-10 Information Input Validation (prevent): Validates untrusted network inputs to the modem to block malformed data that would trigger the deserialization-related logic error (CWE-502).