CVE-2024-20115
CVSS 3.1 Score 6.7 of 10 (medium)
Details
Published Nov 4, 2024
CWE ID 787
Summary
CVE-2024-20115 is a newly disclosed vulnerability affecting the ccu software. This issue involves a missing bounds check that could lead to an out-of-bounds write. Malicious actors can exploit this vulnerability to achieve local privilege escalation with System execution privileges, without requiring any user interaction. The patch for this vulnerability is identified as ALPS09036695, and it's recommended that affected organizations apply it promptly to mitigate the risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share