CVE-2024-45615

CVSS 3.1 Score 3.9 of 10 (low)

Details

Published Sep 3, 2024
Updated: Sep 4, 2024
CWE ID 457

Summary

CVE-2024-45615 is a vulnerability identified in OpenSC, including its tools, PKCS#11 module, minidriver, and CTK, due to the absence of variable initialization. This oversight can lead to potential security risks, although the severity is rated as low (base score of 3.9) with a physical attack vector and high complexity for exploitation. Organizations should ensure that they are using updated versions of these products and implement mitigations that address the variable initialization issues to prevent possible integrity and confidentiality impacts. The vulnerability does not require user interaction or specific privileges for exploitation. For more detailed information on remediation actions, organizations can refer to Red Hat's security advisories related to this CVE.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share