CVE-2024-49408

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Nov 6, 2024
Updated: Nov 13, 2024
CWE ID 787

Summary

CVE-2024-49408 is a newly disclosed vulnerability affecting the USB driver on the Galaxy S24. This issue allows local attackers to perform an out-of-bounds write, enabling them to manipulate out-of-bound memory. Successful exploitation of this vulnerability requires system privileges, making it a significant concern for security. The firmware update released in September 2024 is stated to address this issue, ensuring that affected devices are protected.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share