CVE-2024-20154
Published: 06 January 2025
Summary
CVE-2024-20154 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability in MediaTek Lr12A. Its CVSS base score is 8.8 (High).
Operationally, it is ranked in the top 3.6% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
Directly addresses the missing bounds check by enforcing validation of information inputs from base stations to prevent out-of-bounds writes.
Requires timely remediation of the specific flaw via Patch ID MOLY00720348 to eliminate the vulnerability in MediaTek Modem firmware.
Implements memory safeguards to protect against unauthorized code execution resulting from the out-of-bounds write exploitation.
NVD Description
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00720348; Issue ID: MSV-2392.
Deeper analysis
CVE-2024-20154 is a vulnerability in the MediaTek Modem software that enables an out-of-bounds write due to a missing bounds check. Published on 2025-01-06, this issue is tracked under Issue ID MSV-2392 and addressed by Patch ID MOLY00720348. It carries a CVSS v3.1 base score of 8.8 (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and maps to CWEs 121 and 787.
An attacker can exploit this vulnerability for remote code execution on affected user equipment (UE), such as mobile devices, provided the device connects to a rogue base station under the attacker's control. No additional execution privileges or user interaction are required, making it feasible in scenarios where the attacker has adjacent network access.
MediaTek's January 2025 Product Security Bulletin details the patch and mitigation steps, available at https://corp.mediatek.com/product-security-bulletin/January-2025. Security practitioners should prioritize applying Patch ID MOLY00720348 to vulnerable Modem firmware to prevent exploitation.
Details
- CWE(s)