CVE-2024-20123

CVSS 3.1 Score 4.4 of 10 (medium)

Details

Published Nov 4, 2024
CWE ID 125

Summary

CVE-2024-20123: A critical vulnerability has been identified in the vdec component, which could result in an out-of-bounds read due to a design flaw in its structure. This issue poses a significant risk, as it may allow for local information disclosure. System execution privileges are required for exploitation, making this a serious concern for affected systems. No user interaction is necessary for an attacker to take advantage of this vulnerability. The patch ID for this issue is ALPS09008925, and it has been assigned the issue ID MSV-1569.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share