CVE-2024-43052

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Dec 2, 2024
Updated: Dec 12, 2024
CWE ID 20

Summary

CVE-2024-43052 is a newly disclosed vulnerability affecting the processing of API calls to the NPU (Neural Processing Unit) component. The issue results in memory corruption, potentially leading to arbitrary code execution or denial-of-service conditions. An adversary can exploit this vulnerability by providing invalid input to the NPU API, causing unintended memory modifications and subsequent security risks. To mitigate this issue, organizations should update their systems with the latest patches as soon as they become available.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share