A critical vulnerability in MediaTek Wi-Fi chipsets, widely used in embedded devices that support Wi-Fi 6, has been identified, enabling remote code execution (RCE) attacks without user interaction. This 0-click vulnerability, designated CVE-2024-20017, affects numerous devices from brands like Ubiquiti, Xiaomi, and Netgear, stemming from a buffer overflow in the wappd network daemon. Users are urged to update their firmware promptly to protect against this security flaw.

Relevant URL: https://cybersecuritynews.com/0-click-rce-vulnerability-mediatek/amp/