CVE-2024-45559

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jan 6, 2025
Updated: Jan 13, 2025
CWE ID 125
CWE ID 126

Summary

CVE-2024-45559 is a newly disclosed vulnerability affecting GVM's Vdev-FastRPC backend. The issue permits a Transient Denial of Service (DoS) attack, which can be triggered by GVM sending a specific message type to the backend. Successful exploitation of this vulnerability may cause the backend to become unresponsive, resulting in service disruption for users. The exact cause of the issue lies in the way GVM handles this message type, leading to an unintended response from the backend. It is strongly advised that affected organizations apply the forthcoming patch to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share