CVE-2024-54984

Name of the Vulnerable Software and Affected Versions Quectel BG96 version BG96MAR02A08M1G

Description An issue in Quectel BG96 allows attackers to bypass authentication via a crafted NAS message. The supplier disputes this issue.

Recommendations For Quectel BG96 version BG96MAR02A08M1G, consider restricting access to the NAS message handling functionality until a patch or official fix is available from the supplier. As a temporary workaround, disabling the authentication bypass mechanism related to crafted NAS messages may help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.