CVE-2024-20818
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published Feb 6, 2024
Updated: Mar 12, 2024
CWE ID 787
Summary
CVE-2024-20818 is a newly disclosed vulnerability affecting libsthmbc.so's svc1td_vld_elh function. Local attackers can exploit this Out-of-Bounds Write vulnerability to trigger a buffer overflow. Successful exploitation may result in arbitrary code execution or system crashes, posing a significant risk to affected systems. Before the SMR Feb-2024 Release 1 patch, this issue remained unaddressed, leaving vulnerable systems open to potential attacks. It is strongly advised to apply the patch as soon as possible to mitigate this threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Samsung Android
Affected Vendors
- Samsung