CVE-2024-20117
CVSS 3.1 Score 4.4 of 10 (medium)
Details
Published Nov 4, 2024
CWE ID 125
Summary
CVE-2024-20117 is a newly disclosed vulnerability affecting the vdec component. This issue involves an out-of-bounds read error caused by a flaw in the structure design, potentially leading to local information disclosure. Notably, exploitation of this vulnerability does not require user interaction, and it carries the potential to grant system execution privileges. The patch for this issue is identified as ALPS09008925, and it is also referred to as MSV-1681.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share