CVE-2024-20142

CVSS 3.1 Score 6.6 of 10 (medium)

Details

Published Feb 3, 2025

CWE ID 787

Summary

CVE-2024-20142 is a vulnerability affecting V5 DA software. This issue involves a missing bounds check leading to a possible out-of-bounds write. An attacker who gains physical access to the device can exploit this vulnerability for local privilege escalation, requiring no additional execution privileges. User interaction is necessary for successful exploitation. The patch for this vulnerability is identified as ALPS09291406, and its internal reference is MSV-2070.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/3BDAoQ
https://www.cve.org/CVERecord?id=CVE-2024-20142
https://nvd.nist.gov/vuln/detail/CVE-2024-20142

Back to Vulnerability Database

CVE-2024-20142

CVSS 3.1 Score 6.6 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations