CVE-2024-33061

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jan 6, 2025
Updated: Jan 10, 2025
CWE ID 125
CWE ID 126

Summary

CVE-2024-33061 is a newly disclosed information disclosure vulnerability. This issue arises when the system processes IOCTL (Input/Output Control) calls for releasing trusted VM processes or opening channels without properly initializing them. Consequently, sensitive information may be exposed, potentially allowing unauthorized access to system details. This vulnerability could be exploited by attackers to gain insights into the system's inner workings, increasing the risk of further exploitation. System administrators should prioritize patching to mitigate this threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share