CVE-2024-24731
CVSS 3.1 Score 7.5 of 10 (high)
Details
Published Jan 31, 2025
CWE ID 120
Summary
CVE-2024-24731 is a newly disclosed vulnerability affecting Silicon Labs Gecko OS. It allows network-adjacent attackers to execute arbitrary code on affected devices without authentication. The root cause is the handling of user-supplied data in the http_download command: the input is not sufficiently validated, which results in stack-based buffer overflows. An attacker can exploit this weakness to inject and execute malicious code on the affected device.
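The bug class named above (CWE-120, a command argument copied into a fixed-size stack buffer without a length check) is shown below next to a hardened form. This is an added example, not Gecko OS code: the function names, the 64-byte buffer and the URL argument are assumptions chosen for illustration.

```c
#include <stdio.h>
#include <string.h>

#define URL_MAX 64 /* assumed buffer size, not taken from Gecko OS */

/* Vulnerable pattern (CWE-120): the argument length is never checked. */
int download_arg_unchecked(const char *arg, char *out)
{
    char url[URL_MAX];          /* fixed-size stack buffer */
    strcpy(url, arg);           /* writes past url[] when strlen(arg) >= URL_MAX */
    strcpy(out, url);
    return 0;
}

/* Hardened form: measure first, reject what does not fit, never truncate. */
int download_arg_checked(const char *arg, char *out, size_t out_len)
{
    char url[URL_MAX];
    const char *end;
    size_t n;

    if (arg == NULL || out == NULL)
        return -1;
    end = memchr(arg, '\0', URL_MAX);   /* look at no more than URL_MAX bytes */
    if (end == NULL || end == arg)
        return -1;                      /* too long for url[], or empty */
    n = (size_t)(end - arg);
    if (n >= out_len)
        return -1;                      /* caller's buffer is too small */
    memcpy(url, arg, n + 1);            /* n + 1 <= URL_MAX, includes the NUL */
    memcpy(out, url, n + 1);
    return 0;
}

int main(void)
{
    char out[URL_MAX], big[4 * URL_MAX];  /* constructed sample inputs */
    memset(big, 'A', sizeof big - 1);
    big[sizeof big - 1] = '\0';
    printf("short: %d\n", download_arg_checked("http://example.test/fw.bin", out, sizeof out));
    printf("long:  %d\n", download_arg_checked(big, out, sizeof out));
    return 0;
}
```

Rejecting an oversized argument, rather than silently truncating it, keeps the handler from acting on a URL the caller did not send.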