CVE-2024-38403

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Nov 4, 2024
Updated: Nov 7, 2024
CWE ID 125
CWE ID 126

Summary

CVE-2024-38403 is a newly identified vulnerability that can cause a Transient Denial of Service (DoS) condition. This issue arises when parsing the Machine Learning IE (Internet Explorer) in Bluetooth Low Energy (BTM) packets, specifically when a STA (Station) profile is absent. This vulnerability could allow an attacker to send maliciously crafted packets to trigger the DoS condition, potentially disrupting the targeted system or network. The exact impact of this issue depends on the specific implementation and configuration of the affected system. Users are advised to apply the necessary patches or updates as soon as they become available to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share