CVE-2024-20132

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Dec 2, 2024
CWE ID 787

Summary

CVE-2024-20132 is a newly disclosed vulnerability affecting Modem software. This issue involves an out-of-bounds write vulnerability, which can result in local privilege escalation without requiring additional execution privileges. Notably, user interaction is not necessary for exploitation to occur. The patch for this vulnerability is identified as MOLY00957388, and it addresses the problem with the mission bounds check. Organizations using the affected software are urged to apply the patch promptly to mitigate potential risks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share