CVE-2024-34730

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jan 21, 2025

Updated: Jan 22, 2025

CWE ID 276

Summary

CVE-2024-34730 is a recently disclosed vulnerability affecting multiple locations. This issue arises from a logic error in the code, which permits the bypass of user consent for enabling new Bluetooth Human Interface Devices (HIDs). Notably, this vulnerability enables local privilege escalation without requiring any additional execution privileges, making it a significant concern. Furthermore, user interaction is not necessary for exploitation, increasing its potential impact. This flaw could potentially be exploited by an attacker to gain elevated access to a system, posing a potential security risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/v0SHHl
https://www.cve.org/CVERecord?id=CVE-2024-34730
https://nvd.nist.gov/vuln/detail/CVE-2024-34730

Back to Vulnerability Database

CVE-2024-34730

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations