CVE-2024-45163

CVSS 3.1 Score 9.1 of 10 (high)

Details

Published Aug 22, 2024
CWE ID 400

Summary

CVE-2024-45163 identifies a vulnerability in the Mirai botnet that improperly manages simultaneous TCP connections to its command and control server, resulting in open unauthenticated sessions that lead to resource exhaustion. Affected products include those running the x4863o system. The issue allows attackers to exploit these sessions by sending recognized usernames or arbitrary data, posing a critical risk with a CVSS score of 9.1 due to its potential for high availability impact and integrity compromise. To remediate this vulnerability, organizations should apply available patches and limit access to their network resources to prevent unauthorized connection attempts. Failure to address this vulnerability could enable attackers to overload network resources, leading to denial-of-service conditions and significant operational disruptions.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share