CVE-2024-33617

CVSS 3.1 Score 5.9 of 10 (medium)

Details

Published Nov 13, 2024

Updated: Nov 15, 2024

CWE ID 691

Summary

CVE-2024-33617 is a newly disclosed vulnerability affecting some versions of OpenSSL software that utilizes Intel(R) QuickAssist Technology (QAT) Engine. The issue stems from insufficient control flow management within the Intel QAT Engine, potentially enabling an attacker to disclose sensitive information via network access. This vulnerability poses a risk to systems running affected OpenSSL versions and could lead to unauthorized data leakage. Organizations are advised to update to OpenSSL v1.6.1 or a patched version as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/wFIx3n
https://www.cve.org/CVERecord?id=CVE-2024-33617
https://nvd.nist.gov/vuln/detail/CVE-2024-33617

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Russia-Aligned TAG-110 Targets Tajikistan with Macro-Enabled Word Documents

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Know What Matters

For Customers

For Partners

CVE-2024-33617

CVSS 3.1 Score 5.9 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations