CVE-2024-47294

CVSS 3.1 Score 4.4 of 10 (medium)

Details

Published Sep 27, 2024
Updated: Sep 30, 2024
CWE ID 16

Summary

CVE-2024-47294 identifies a vulnerability in the input method framework module that involves improper access permission verification. This issue can lead to high availability impact if successfully exploited, categorized with a medium severity rating (base score of 4.4). The vulnerability requires high privileges and has a low attack complexity, indicating that local attackers could exploit it without user interaction. Affected products include those utilizing the input method framework, particularly from Huawei, as noted in their security bulletin. Remediation steps are available through updates outlined in the provided reference link from Huawei's support page.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share