CVE-2024-7596

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Feb 5, 2025

Updated: Feb 6, 2025

Summary

CVE-2024-7596 is a vulnerability affecting the Proposed Generic UDP Encapsulation (GUE) draft. This issue arises from GUE's failure to validate or verify the source of incoming network packets. An attacker can exploit this flaw to spoof and route arbitrary traffic via an exposed network interface. This vulnerability can lead to unwanted network behaviors, including access control bypass, and is reminiscent of the CVE-2020-10136 issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/xlIwLd
https://www.cve.org/CVERecord?id=CVE-2024-7596
https://nvd.nist.gov/vuln/detail/CVE-2024-7596

Back to Vulnerability Database

CVE-2024-7596

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations