CVE-2024-20143

CVSS 3.1 Score 6.6 of 10 (medium)

Details

Published Jan 6, 2025
CWE ID 787

Summary

CVE-2024-20143 is a vulnerability affecting V6 DA software. It involves a missing bounds check, leading to a potential out-of-bounds write issue. If exploited, this weakness could result in local privilege escalation, granting attackers elevated access, even without additional execution privileges. Physical access to the device is required for exploitation, and user interaction is necessary for the attack to be successful. The patch ID for addressing this vulnerability is ALPS09167056, and it is identified as MSV-2069.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share