CVE-2024-45449

CVSS 3.1 Score 5.1 of 10 (medium)

Details

Published Sep 4, 2024
CWE ID 264

Summary

CVE-2024-45449 is a vulnerability in the ringtone setting module that allows for improper access permission verification. This issue has been rated with a medium severity level (base score of 5.1) and can potentially compromise service confidentiality due to local exploitation without the need for user interaction or elevated privileges. The exploitability score is assessed at 2.5, indicating a low complexity for successful attacks. Affected products include specific models from Huawei, which can be found in their security bulletin linked here. Organizations are advised to apply relevant patches or updates as provided by the vendor to mitigate this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share