CVE-2024-20082 Overview
CVE-2024-20082 is a memory corruption vulnerability in the MediaTek Modem component caused by a missing bounds check. The flaw enables remote code execution without requiring additional execution privileges and without any user interaction. MediaTek disclosed the issue in its August 2024 Product Security Bulletin and tracks the fix under Patch ID MOLY01182594 and Issue ID MSV-1529.
The vulnerability affects a broad set of MediaTek baseband platforms, including NR15, NR16, NR17 modems and dozens of System-on-Chip (SoC) families used in Android smartphones, tablets, and IoT devices.
Critical Impact
A remote attacker can corrupt modem memory over the air without user interaction, achieving remote code execution on the baseband processor of vulnerable MediaTek devices.
Affected Products
- MediaTek modem platforms: NR15, NR16, NR17
- MediaTek smartphone SoCs including MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT6983, MT6985, MT6989, and MT6990
- MediaTek IoT and CPE chipsets including MT2735, MT2737, and MT8797
Discovery Timeline
- 2024-08-14 - CVE-2024-20082 published to the National Vulnerability Database (NVD)
- August 2024 - MediaTek releases security patch via Product Security Bulletin (Patch ID MOLY01182594, Issue ID MSV-1529)
- 2025-05-30 - Last updated in NVD database
Technical Details for CVE-2024-20082
Vulnerability Analysis
The vulnerability is a memory corruption issue in the MediaTek Modem (baseband) firmware, classified under [CWE-119] Improper Restriction of Operations within the Bounds of a Memory Buffer. A missing bounds check allows attacker-controlled data to be written beyond the intended buffer boundary inside the modem subsystem.
Because the modem processes radio protocol messages received over the cellular air interface, the flaw is exploitable remotely across the network attack surface. The vendor advisory states that no privileges and no user interaction are required, and that successful exploitation can result in remote code execution within the modem.
Code execution on the baseband is particularly impactful because the modem operates as an independent processor with high privileges over cellular communication. An attacker with code execution on the modem can intercept calls, manipulate SMS or signaling traffic, and potentially pivot toward the application processor.
Root Cause
The root cause is a missing bounds check in the modem firmware when handling externally supplied data. Without validating the size of incoming fields against the destination buffer, the code writes attacker-controlled bytes past the allocated boundary, corrupting adjacent memory structures and control data.
Attack Vector
The attack vector is network-based. An adversary positioned on the cellular network, such as through a rogue base station or compromised carrier infrastructure, can deliver crafted protocol messages to the targeted modem. Exploitation requires no authentication and no interaction from the device user.
No public proof-of-concept exploit code is available for CVE-2024-20082. Technical specifics of the affected protocol handler have not been published by MediaTek. Refer to the MediaTek Security Bulletin August 2024 for vendor-provided details.
Detection Methods for CVE-2024-20082
Indicators of Compromise
- Unexpected modem crashes, resets, or kernel logs referencing baseband panic events on affected MediaTek devices
- Anomalous cellular connectivity behavior such as forced downgrades to older radio access technologies or sudden disconnections
- Device firmware version strings that do not include Patch ID MOLY01182594
Detection Strategies
- Inventory device fleets against the affected MediaTek chipset list and verify firmware patch level against the August 2024 bulletin
- Monitor mobile device management (MDM) telemetry for outdated baseband versions on enterprise-owned Android devices
- Correlate cellular network anomalies, such as repeated attachment to unknown base stations, with logs from mobile threat defense agents
Monitoring Recommendations
- Track vendor advisories from MediaTek and downstream OEMs for delayed patch availability on specific device models
- Use mobile threat defense tooling to flag devices running unpatched baseband firmware
- Watch the EPSS score for CVE-2024-20082, currently at 12.001% and in the 93.86th percentile, as a leading indicator of exploitation activity
How to Mitigate CVE-2024-20082
Immediate Actions Required
- Apply the MediaTek security update referenced by Patch ID MOLY01182594 as soon as OEM firmware containing the fix is available
- Identify all enterprise-managed devices using affected MediaTek chipsets and prioritize them for update deployment
- Restrict use of high-risk devices in sensitive environments until patches are installed
Patch Information
MediaTek addressed the issue in the August 2024 Product Security Bulletin. Device manufacturers incorporate the fix into OEM firmware releases tied to the Android security patch level. Refer to the MediaTek Product Security Bulletin August 2024 for the authoritative patch reference and Issue ID MSV-1529.
Workarounds
- No vendor-supplied workaround exists; patching the modem firmware is the only complete remediation
- For high-value users, disabling cellular radios or operating in airplane mode reduces exposure where connectivity is not required
- Avoid connecting to unknown or untrusted cellular networks until the device firmware is updated
# Verify Android security patch level on a managed device
adb shell getprop ro.build.version.security_patch
# Confirm device chipset against the affected MediaTek list
adb shell getprop ro.board.platform
adb shell getprop ro.hardware
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
