CVE-2024-20146

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Jan 6, 2025
CWE ID 787

Summary

CVE-2024-20146 is a newly disclosed vulnerability affecting wlan STA drivers. This issue involves an out-of-bounds write caused by insufficient input validation. An attacker can exploit this flaw to execute remote code in proximal or adjacent networks without user interaction or additional privileges. The vulnerability has been assigned the patch ID WCNCR00389496 and ALPS09137491, as well as the issue ID MSV-1835. It is recommended that affected systems be updated with the appropriate patches to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share