CVE-2024-20136
CVSS 3.1 Score 6.2 of 10 (medium)
Details
Published Dec 2, 2024
CWE ID 125
Summary
CVE-2024-20136 is a newly disclosed cybersecurity vulnerability affecting the "in da" software. This issue involves a missing bounds check leading to a potential out-of-bounds read. Consequences of this vulnerability include local information disclosure, meaning sensitive data could be exposed. Importantly, no additional execution privileges or user interaction are required for an attacker to exploit this weakness. The patch for this vulnerability is identified as ALPS09121847, and the internal issue identifier is MSV-1821.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share