CVE-2024-20115

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Nov 4, 2024
CWE ID 787

Summary

CVE-2024-20115 is a newly disclosed vulnerability affecting the ccu software. This issue involves a missing bounds check that could lead to an out-of-bounds write. Malicious actors can exploit this vulnerability to achieve local privilege escalation with System execution privileges, without requiring any user interaction. The patch for this vulnerability is identified as ALPS09036695, and it's recommended that affected organizations apply it promptly to mitigate the risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share