Login Sign Up

CVE-2024-20129

7.5 HIGH
Denial of Service

📋 TL;DR

This CVE describes an out-of-bounds read vulnerability in MediaTek telephony components that could allow remote denial of service attacks. The vulnerability requires no user interaction or special privileges to exploit. Devices using affected MediaTek chipsets with vulnerable telephony firmware are at risk.

💻 Affected Systems

Products:
  • MediaTek telephony components/chipsets
Versions: Specific versions not publicly detailed; refer to MediaTek advisory for affected firmware versions
Operating Systems: Android (devices using MediaTek chipsets)
Default Config Vulnerable: ⚠️ Yes
Notes: Affects devices with MediaTek chipsets running vulnerable telephony firmware. Exact device models depend on OEM implementation.

📦 What is this software?

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote attackers could crash telephony services, disrupting voice calls, SMS, and mobile data connectivity on affected devices.

🟠

Likely Case

Remote denial of service causing temporary loss of telephony functionality until device restart.

🟢

If Mitigated

Minimal impact if patched; unpatched devices remain vulnerable to service disruption.

🌐 Internet-Facing: HIGH - No authentication required and no user interaction needed for remote exploitation.
🏢 Internal Only: MEDIUM - Could be exploited from internal networks but internet-facing exposure is primary concern.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires understanding of telephony protocols and memory layout. No public exploits known at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to MediaTek advisory ALPS09289881 for specific patched versions

Vendor Advisory: https://corp.mediatek.com/product-security-bulletin/December-2024

Restart Required: Yes

Instructions:

1. Check with device manufacturer for firmware updates. 2. Apply MediaTek-provided patch ALPS09289881. 3. Reboot device after update. 4. Verify patch installation.

🔧 Temporary Workarounds

Network segmentation

all

Restrict network access to telephony services from untrusted networks

🧯 If You Can't Patch

  • Implement strict network filtering to limit access to telephony services
  • Monitor for telephony service crashes and implement automated recovery procedures

🔍 How to Verify

Check if Vulnerable:

Check device firmware version against MediaTek advisory; devices with unpatched telephony firmware are vulnerable

Check Version:

Device-specific commands vary by manufacturer; typically in Settings > About Phone > Software Information

Verify Fix Applied:

Verify patch ALPS09289881 is applied by checking firmware version or patch status

📡 Detection & Monitoring

Log Indicators:

  • Unexpected telephony service crashes
  • Modem/telephony subsystem restarts
  • Memory access violation logs in telephony components

Network Indicators:

  • Unusual telephony protocol traffic patterns
  • Unexpected connection attempts to telephony services

SIEM Query:

source="telephony" AND (event="crash" OR event="restart" OR error="memory_access")

📊 Metadata

CVE ID: CVE-2024-20129
CVSS v3 Score: 7.5 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-125
Published: December 2, 2024
Last Updated: March 13, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-20129, you might also want to check these:

CVE-2021-41556 10.0

CVE-2021-41556 is a critical out-of-bounds read vulnerability in Squirrel scripting language that al...

Same vulnerability type (CWE-125)
CVE-2024-22004 10.0

This vulnerability allows attackers with privileged access on Linux non-secure operating systems to ...

Same vulnerability type (CWE-125)
CVE-2021-21777 10.0

CVE-2021-21777 is a critical out-of-bounds read vulnerability in the Ethernet/IP UDP handler of OpEN...

Same vulnerability type (CWE-125)