CVE-2024-12654

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Dec 16, 2024

Updated: Dec 18, 2024

CWE ID 404

CWE ID 476

Summary

CVE-2024-12654 is a newly disclosed vulnerability affecting FabulaTech USB over Network 6.0.6.1. The issue lies within the 0x220408 function in the ftusbbus2.sys library of the IOCT Handler component. An attacker can manipulate this function, resulting in a null pointer dereference. This vulnerability requires local access and its exploit has been made public. Despite early disclosure to the vendor, they have not yet responded.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/1pWwxE
https://www.cve.org/CVERecord?id=CVE-2024-12654
https://nvd.nist.gov/vuln/detail/CVE-2024-12654

Back to Vulnerability Database

CVE-2024-12654

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations