CVSS 3.1 Score 9.6 of 10 (high)


Published Jan 26, 2024
Updated: Jan 31, 2024
CWE ID 306


CVE-2024-23618 is an arbitrary code execution vulnerability found in Arris SURFboard SGB6950AC2 devices. This vulnerability allows an attacker without authentication to execute code as root. The exploitability score is 2.8, indicating a moderate level of difficulty for attackers to exploit the vulnerability. The base severity is classified as critical, with a score of 9.6, due to the high impact on confidentiality and integrity. The affected products are Arris SURFboard SGB6950AC2 devices. To remediate this vulnerability, it is recommended to apply patches or firmware updates provided by the vendor. Organizations should be aware that if exploited, this vulnerability poses a significant danger as it allows unauthorized code execution with elevated privileges.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-23618 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options