CVE-2024-20141

CVSS 3.1 Score 6.6 of 10 (medium)

Details

Published Feb 3, 2025

CWE ID 787

CWE ID 123

Summary

CVE-2024-20141 is a vulnerability affecting V5 DA software. This issue involves a missing bounds check leading to an out-of-bounds write. An attacker with physical access to the device can exploit this vulnerability for local privilege escalation, requiring no additional execution privileges. User interaction is necessary for successful exploitation, and the patch ID is ALPS09291402, while the internal issue identifier is MSV-2073.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/3BEA4k
https://www.cve.org/CVERecord?id=CVE-2024-20141
https://nvd.nist.gov/vuln/detail/CVE-2024-20141

Back to Vulnerability Database

CVE-2024-20141

CVSS 3.1 Score 6.6 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations