CVE-2024-8645

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Sep 10, 2024
CWE ID 824

Summary

CVE-2024-8645 is a vulnerability in Wireshark affecting versions 4.2.0 to 4.0.5 and 4.0.0 to 4.0.15, which can lead to denial of service through packet injection or crafted capture files. The impact score is rated as medium, with a base score of 5.5 and a significant availability impact due to the potential for crashes in the SPRT dissector. Remediation involves updating Wireshark to versions beyond the listed affected ones, as no special privileges are required for exploitation, but user interaction is necessary. Organizations using affected products may face service disruptions if this vulnerability is exploited locally, emphasizing the importance of patching systems promptly. For further details, users can refer to official resources provided by Wireshark's security advisories.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share