CVE-2024-33055

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jan 6, 2025
Updated: Jan 10, 2025
CWE ID 416

Summary

CVE-2024-33055 is a recently disclosed vulnerability that affects the handling of IOCTL (Input/Output Control) calls in a specific system component. The issue results in memory corruption, allowing attackers to potentially execute arbitrary code or cause denial-of-service conditions. This vulnerability can be exploited by sending maliciously crafted IOCTL commands to the affected component, leading to unintended system behavior and potential security risks. Organizations are urged to apply patches or workarounds as soon as possible to mitigate this threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share