CVE-2024-20812

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Feb 6, 2024
Updated: Feb 13, 2024
CWE ID 787

Summary

CVE-2024-20812 is a newly disclosed vulnerability affecting libpadm.so before the SMR Feb-2024 Release 1. This issue involves an out-of-bounds write vulnerability in the padmd_vld_htbl function. A local attacker can exploit this weakness to execute arbitrary code on the targeted system. By writing data beyond the authorized boundaries, the attacker can manipulate the program's execution flow and gain unauthorized control. This vulnerability poses a significant risk, as local attackers can take advantage of it without requiring network access or user interaction. To mitigate this threat, it is recommended that users upgrade to the latest version of the software to apply the necessary patches.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share