CVE-2024-20131

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Dec 2, 2024
CWE ID 787

Summary

CVE-2024-20131 is a newly identified vulnerability in Modem software. This issue involves an incorrect bounds check leading to a possible privilege escalation. With System execution privileges, an attacker can exploit this vulnerability without user interaction, resulting in local privilege escalation. The patch ID for addressing this issue is MOLY01395886, and it is also referred to as MSV-1873. This flaw could potentially allow unauthorized system access and manipulation. Users are strongly advised to apply the available patch as soon as possible to mitigate the risks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share