CVE-2024-20133

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Dec 2, 2024
CWE ID 787

Summary

CVE-2024-20133 is a newly identified vulnerability affecting Modem software. This issue involves an incorrect bounds check that could be exploited to escalate privileges, allowing an attacker to gain local System execution rights without user interaction. The vulnerability requires no direct user engagement for exploitation. Microsoft has released a patch with ID MOLY01395886 and Issue ID MSV-1871 to address this security concern.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share