CVE-2024-26288

CVSS 3.1 Score 8.7 of 10 (high)

Details

Published Mar 12, 2024
CWE ID 319

Summary

CVE-2024-26288 is a newly disclosed vulnerability that allows an unauthenticated remote attacker to manipulate communication between devices due to the absence of encryption for sensitive data during transmission. This issue can potentially enable a man-in-the-middle (MITM) attack, posing a significant security risk. Charging functionality remains unaffected by this vulnerability. Device owners are strongly advised to implement encryption protocols and keep their systems updated to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share