CVE-2024-2452

CVSS 3.1 Score 7.0 of 10 (high)

Details

Published Mar 26, 2024
CWE ID 190
CWE ID 120

Summary

CVE-2024-2452 is a high-severity vulnerability affecting Eclipse ThreadX NetX Duo before version 6.4.0. Exploiting this vulnerability requires network access, and an attacker who can control the parameters of __portable_aligned_alloc() can cause an integer wrap-around, resulting in an allocation smaller than expected. This can lead to subsequent heap buffer overflows. The base score for this vulnerability is 7.0, indicating a high risk level. Organizations should update their systems to version 6.4.0 or later to remediate this vulnerability and prevent potential attacks that could compromise the integrity of the system.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-2452 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options