CVE-2024-20818

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Feb 6, 2024
Updated: Mar 12, 2024
CWE ID 787

Summary

CVE-2024-20818 is a newly disclosed vulnerability affecting libsthmbc.so's svc1td_vld_elh function. Local attackers can exploit this Out-of-Bounds Write vulnerability to trigger a buffer overflow. Successful exploitation may result in arbitrary code execution or system crashes, posing a significant risk to affected systems. Before the SMR Feb-2024 Release 1 patch, this issue remained unaddressed, leaving vulnerable systems open to potential attacks. It is strongly advised to apply the patch as soon as possible to mitigate this threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share