CVE-2024-4810

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published May 14, 2024

CWE ID 476

Summary

CVE-2024-4810 is a vulnerability that affects the register_device function. The issue arises from the unchecked return value of ida_simple_get, which can result in the use of an invalid index value. To remediate this vulnerability, it is recommended to check the index after ida_simple_get. If the index value is abnormal, a warning message should be displayed, the port should be dropped, and the value should be recorded. The potential danger to organizations is rated as medium severity with a base score of 5.3. The exploitability score is 0.8, indicating a relatively high likelihood of exploitation. The vulnerability requires low privileges and user interaction but has a high attack complexity and availability impact according to CVSS:3.1 metrics.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future

Note: This is just a basic overview providing quick insights into CVE-2024-4810 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future

Gain complete coverage of your cyber, third party, and physical attack surface
Proactively mitigate threats before they turn into costly attacks
Make fast, effective, data-driven decisions

Book your demo

Sign in

Back to Vulnerability Database