CVE-2024-20004

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Feb 5, 2024
Updated: Jul 3, 2024
CWE ID 20

Summary

CVE-2024-20004 is a vulnerability affecting Modem NL1. An improper input validation in the software creates a risk of system crashes. Malicious actors could send an invalid NR RRC Connection Setup message, leading to a remote denial-of-service attack. No additional execution privileges or user interaction are required for exploitation. The patch ID for resolution is MOLY01191612, while the issue ID is MOLY01195812 (MSV-985).

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share