CVE-2024-20147

5.3 MEDIUM

📋 TL;DR

This CVE describes a Bluetooth firmware vulnerability in MediaTek chipsets where improper exception handling could trigger a reachable assertion. This allows remote attackers to cause denial of service without user interaction or additional privileges. Affected devices include those using MT79XX, MT2737, MT3603, MT6XXX, and MT8XXX chipsets with vulnerable Bluetooth firmware.

💻 Affected Systems

Products:
  • MediaTek MT79XX chipsets
  • MediaTek MT2737 chipsets
  • MediaTek MT3603 chipsets
  • MediaTek MT6XXX chipsets
  • MediaTek MT8XXX chipsets
Versions: Vulnerable Bluetooth firmware versions prior to patches
Operating Systems: Any OS using affected MediaTek Bluetooth chipsets
Default Config Vulnerable: ⚠️ Yes
Notes: Affects devices with Bluetooth enabled using specified MediaTek chipsets. Exact firmware versions not specified in CVE.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote attacker could crash Bluetooth functionality on affected devices, disrupting wireless connectivity and potentially affecting device usability until reboot.

🟠 Likely Case: Bluetooth service disruption on vulnerable devices, requiring device restart to restore functionality.

🟢 If Mitigated: Minimal impact if patched firmware is installed or Bluetooth is disabled on vulnerable devices.

🌐 Internet-Facing: MEDIUM - Bluetooth has limited range but can be exploited remotely within proximity without authentication.
🏢 Internal Only: MEDIUM - Same exploit characteristics apply internally, but requires attacker proximity to target devices.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires Bluetooth proximity and knowledge of vulnerable chipsets. No authentication needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: WCNCR00389046 for MT79XX chipsets / ALPS09136501 for MT2737, MT3603, MT6XXX, and MT8XXX chipsets

Vendor Advisory: https://corp.mediatek.com/product-security-bulletin/February-2025

Restart Required: Yes

Instructions:

1. Check device chipset model.
2. Contact device manufacturer for firmware update.
3. Apply appropriate patch: WCNCR00389046 for MT79XX or ALPS09136501 for others.
4. Reboot device after update.

🔧 Temporary Workarounds

Disable Bluetooth (all platforms)

Turn off Bluetooth functionality to prevent exploitation.

# Linux: rfkill block bluetooth
# Windows: Disable in Device Manager or Settings
# Android/iOS: Turn off Bluetooth in settings

Limit Bluetooth Visibility (all platforms)

Set Bluetooth to non-discoverable mode to reduce attack surface.

# Varies by device - typically in Bluetooth settings

🧯 If You Can't Patch

  • Segment network to isolate Bluetooth devices from untrusted networks
  • Implement physical security controls to limit proximity-based attacks

🔍 How to Verify

Check if Vulnerable:

Check device specifications for MediaTek chipset models MT79XX, MT2737, MT3603, MT6XXX, or MT8XXX, and verify the Bluetooth firmware version with the manufacturer.

Check Version:

# Varies by device - typically in About or System Information sections

Verify Fix Applied:

Confirm that the firmware update WCNCR00389046 or ALPS09136501 has been applied, through device settings or manufacturer tools.

📡 Detection & Monitoring

Log Indicators:

  • Bluetooth service crashes
  • Unexpected Bluetooth disconnections
  • Firmware assertion failures in system logs

Network Indicators:

  • Multiple Bluetooth connection attempts from unknown devices
  • Unusual Bluetooth traffic patterns

SIEM Query:

Device logs showing Bluetooth service restarts or firmware errors from MediaTek chipsets
