CVE-2024-45450

CVSS 3.1 Score 4.0 of 10 (medium)

Details

Published Sep 4, 2024
CWE ID 200

Summary

CVE-2024-45450 is a permission control vulnerability found in the software update module of certain Huawei products. Exploitation of this vulnerability may lead to a loss of service confidentiality, posing a medium risk to organizations. The attack requires local access, with no special privileges or user interaction needed, making it relatively easy to exploit. To remediate this issue, users are advised to apply the latest security updates provided by Huawei as outlined in their support bulletin. The vulnerability has been rated with an exploitability score of 2.5 and a base severity score of 4.0, indicating that while the risk is moderate, it still warrants prompt attention from affected organizations.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share