CVE-2024-20138

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Dec 2, 2024
CWE ID 125

Summary

CVE-2024-20138 is a newly disclosed cybersecurity vulnerability affecting wlan drivers. This issue arises due to inadequate input validation, resulting in a potential out-of-bound read condition. The consequence is remote information disclosure, making it a significant security concern. No additional execution privileges or user interaction are required for an attacker to exploit this vulnerability. The patch ID for addressing this issue is ALPS08998291, and it has been assigned the internal reference number MSV-1604.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share