CVE-2024-45449
CVSS 3.1 Score 5.1 of 10 (medium)
Details
Summary
CVE-2024-45449 is a vulnerability in the ringtone setting module that allows for improper access permission verification. This issue has been rated with a medium severity level (base score of 5.1) and can potentially compromise service confidentiality due to local exploitation without the need for user interaction or elevated privileges. The exploitability score is assessed at 2.5, indicating a low complexity for successful attacks. Affected products include specific models from Huawei, which can be found in their security bulletin linked here. Organizations are advised to apply relevant patches or updates as provided by the vendor to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.