CVE-2024-12107

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Dec 4, 2024
CWE ID 415

Summary

CVE-2024-12107 is a newly disclosed vulnerability affecting uD3TN BPv7. This issue consists of a double-free vulnerability, which can be triggered by a malformed Endpoint Identifier sent to the affected software. A remote attacker can exploit this flaw to cause a Denial of Service (DoS) condition, disrupting the normal operation of impacted systems. The precise mechanism of the exploit remains under investigation, but it is clear that this vulnerability poses a significant risk to organizations using the affected software. It is strongly recommended that organizations apply the forthcoming patches or workarounds to mitigate this threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share