CVE-2024-20069 Information

Description

In modem there is a possible selection of less-secure algorithm during the VoWiFi IKE due to a missing DH downgrade check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY01286330; Issue ID: MSV-1430.

Reference

https://corp.mediatek.com/product-security-bulletin/June-2024