CVE-2024-39429

CVSS 3.1 Score 6.2 of 10 (medium)

Details

Published Jul 1, 2024
CWE ID 787

Summary

CVE-2024-39429 is a vulnerability affecting the FaceID service. This issue involves a missing bounds check, resulting in a potential out-of-bounds write. Consequences of this flaw can lead to a local denial-of-service attack, without requiring any additional execution privileges. The vulnerability could be exploited by sending specially crafted inputs to the affected system, potentially disrupting its normal functioning. Organizations using the FaceID service are advised to apply relevant patches or updates as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share