CVE-2024-37154

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Jun 6, 2024
Updated: Jun 7, 2024
CWE ID 285

Summary

CVE-2024-37154 is a vulnerability affecting the Evmos platform, an Ethereum Virtual Machine (EVM) Hub on the Cosmos Network. The issue allows users to delegate tokens that have not yet been vested, which is particularly concerning for employees and grantees who manage funds using the `ClawbackVestingAccount`. This vulnerability, impacting versions 18.1.0 and earlier, could potentially lead to unintended token transfers or mismanagement of funds.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share