CVE-2024-34617

CVSS 3.1 Score 3.3 of 10 (low)

Details

Published Aug 7, 2024
Updated: Aug 12, 2024
CWE ID 276

Summary

CVE-2024-34617 is a vulnerability affecting Telephony prior to the SMR Aug-2024 Release 1. This issue arises from improper handling of insufficient permissions, allowing local attackers to manipulate the default Message application configuration. By exploiting this weakness, attackers can make unauthorized adjustments, potentially leading to privacy breaches and unintended message transmissions. The vulnerability poses a significant risk to the security of messaging functionality within the affected system.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share