CVE-2024-40675

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jan 28, 2025

Updated: Feb 6, 2025

CWE ID 835

Summary

CVE-2024-40675 is a newly identified vulnerability affecting the parseUriInternal function in Intent.java. The issue stems from insufficient input validation, leading to an infinite loop. This vulnerability could be exploited to cause a local denial of service, without requiring any additional execution privileges. Notably, user interaction is not necessary for an attacker to exploit this flaw.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/w5aAmU
https://www.cve.org/CVERecord?id=CVE-2024-40675
https://nvd.nist.gov/vuln/detail/CVE-2024-40675

Back to Vulnerability Database

CVE-2024-40675

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations