CVE-2024-20102
CVSS 3.1 Score 4.9 of 10 (medium)
Details
Summary
CVE-2024-20102 identifies a vulnerability in the wlan driver, which allows for a potential out-of-bounds read due to inadequate input validation, possibly leading to remote information disclosure. Affected products include specific models identified as 'tvHyN5', 'sYyJEm', and 'nn8kgA.' Exploiting this vulnerability requires high privileges but does not necessitate user interaction, posing a medium-level risk with a base score of 4.9 according to the CVSS 3.1 system. Organizations can mitigate this risk by applying the patch ID ALPS08998892. Failure to address this issue could lead to significant confidentiality breaches within affected systems.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.