CVE-2024-20138
CVSS 3.1 Score 7.5 of 10 (high)
Details
Published Dec 2, 2024
CWE ID 125
Summary
CVE-2024-20138 is a newly disclosed cybersecurity vulnerability affecting wlan drivers. This issue arises due to inadequate input validation, resulting in a potential out-of-bound read condition. The consequence is remote information disclosure, making it a significant security concern. No additional execution privileges or user interaction are required for an attacker to exploit this vulnerability. The patch ID for addressing this issue is ALPS08998291, and it has been assigned the internal reference number MSV-1604.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share