CVE-2024-24459

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Nov 15, 2024

CWE ID 125

Summary

CVE-2024-24459 is a newly identified vulnerability in Athonet vEPC MME v11.4.0. This issue arises due to an invalid memory access during the handling of the ProtocolIE_ID field in S1Setup Request messages. Attackers can exploit this weakness by delivering crafted payloads, leading to a Denial of Service (DoS) condition in cellular networks. Repeated connections with these malicious messages can cause the network to become unresponsive, disrupting services for legitimate users. This vulnerability poses a serious threat to network availability and necessitates prompt patching.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uRoKNB
https://www.cve.org/CVERecord?id=CVE-2024-24459
https://nvd.nist.gov/vuln/detail/CVE-2024-24459

Back to Vulnerability Database

CVE-2024-24459

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations