CVE-2024-1633
CVSS 3.1 Score 2.0 of 10 (low)
Details
Summary
CVE-2024-1633 is a vulnerability that affects the git version from c2f286820471ed276c57e603762bd831873e5a17 until (not specified). The vulnerability occurs during secure boot when the bl2 bootloader reads image length and destination from the image's certificate. Due to an integer overflow, an attacker can bypass memory range restrictions and write data out of buffer bounds, potentially resulting in the bypass of secure boot. The risk score for this vulnerability is 10, with a base severity of low. There is no requirement for privileges or user interaction, and the attack vector is physical. The impact score is 1.4, with low integrity and no confidentiality impact. The CVE ID is CVE-2024-1633 and it has been reported by [email protected].
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Advisories, Assessments, and Mitigations
Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future
- Gain complete coverage of your cyber, third party, and physical attack surface
- Proactively mitigate threats before they turn into costly attacks
- Make fast, effective, data-driven decisions