CVE-2024-52935

CVSS 3.1 Score 4.1 of 10 (medium)

Details

Published Jan 13, 2025

CWE ID 823

Summary

CVE-2024-52935 is a newly identified cybersecurity vulnerability that affects kernel software installed in Guest Virtual Machines (VMs). The issue allows an attacker to exploit shared memory between the Guest VM and the GPU Firmware, enabling them to write data outside the Guest's virtualized GPU memory. This could potentially lead to privilege escalation or data leakage within the Guest VM. The vulnerability could impact various industries that rely on virtualized environments for their operations, making it crucial for organizations to apply patches and maintain robust security practices to mitigate potential risks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/0pRd-W
https://www.cve.org/CVERecord?id=CVE-2024-52935
https://nvd.nist.gov/vuln/detail/CVE-2024-52935

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners

CVE-2024-52935

CVSS 3.1 Score 4.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations