CVE-2024-43061

Summary

CVE-2024-43061 is a newly disclosed vulnerability affecting voice activation functionality in certain HLOS drives. The issue arises when the system attempts to load sound model parameters during voice activation, but the HLOS drive is empty, resulting in memory corruption. This vulnerability could potentially be exploited by an attacker to execute arbitrary code or cause a denial of service. Successful exploitation depends on the attacker's ability to manipulate the voice activation process and trigger the memory corruption condition. Users of the affected HLOS drives are advised to apply the forthcoming patch to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.