CVE-2024-20103

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Oct 7, 2024
CWE ID 787

Summary

CVE-2024-20103 is a critical vulnerability affecting various wlan firmware products, including models such as wsd0jL, zBY0f-, and wsd2fe, due to improper input validation that can lead to an out-of-bounds write. This security flaw allows for remote code execution without requiring any user interaction or additional execution privileges. The vulnerability scores 9.8 on the CVSS 3.1 scale, indicating a high potential impact on confidentiality, integrity, and availability of the affected systems. To remediate this issue, organizations should apply the patch identified as ALPS09001358. Failure to address this vulnerability could result in significant security risks for an organization, including unauthorized access and control over affected devices through network exploitation.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share