CVE-2024-12248

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jan 30, 2025

Updated: Jan 31, 2025

CWE ID 787

Summary

CVE-2024-12248 is a newly identified vulnerability affecting the Contec Health CMS8000 Patient Monitor system. This issue involves an out-of-bounds write vulnerability, which can be exploited by an attacker by sending specially crafted UDP requests. Successful exploitation could result in arbitrary data being written to memory, potentially leading to remote code execution with administrative privileges, posing a significant threat to the confidentiality, integrity, and availability of affected systems. It is crucial that users apply the necessary patches as soon as they become available to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/1SLFei
https://www.cve.org/CVERecord?id=CVE-2024-12248
https://nvd.nist.gov/vuln/detail/CVE-2024-12248

Back to Vulnerability Database

CVE-2024-12248

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations