CVE-2024-47248

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Published Nov 26, 2024
Updated: Dec 6, 2024
CWE ID 120

Summary

CVE-2024-47248 is a buffer overflow vulnerability affecting Apache NimBLE, a Bluetooth Low Energy (BLE) stack. A maliciously crafted MESH message can cause memory corruption when non-default build configurations are used. This issue, classified as a "Classic Buffer Overflow" vulnerability, affects Apache NimBLE versions up to and including 1.7.0. To mitigate this risk, users are advised to upgrade to version 1.8.0, which includes the necessary fixes.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share