CVE-2024-20146
CVSS 3.1 Score 8.1 of 10 (high)
Details
Published Jan 6, 2025
CWE ID 787
Summary
CVE-2024-20146 is a newly disclosed vulnerability affecting wlan STA drivers. This issue involves an out-of-bounds write caused by insufficient input validation. An attacker can exploit this flaw to execute remote code in proximal or adjacent networks without user interaction or additional privileges. The vulnerability has been assigned the patch ID WCNCR00389496 and ALPS09137491, as well as the issue ID MSV-1835. It is recommended that affected systems be updated with the appropriate patches to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share