CVE-2024-9136
CVSS 3.1 Score 6.7 of 10 (medium)
Details
Summary
CVE-2024-9136 is an access permission verification vulnerability located in the App Multiplier module, affecting products including xs1aaV, xERK4Y, and syj3ra. The vulnerability has a medium severity rating with a base score of 6.7, indicating that it poses a potential risk to service confidentiality and can lead to unauthorized access if exploited. Successful exploitation requires high privileges and can be executed locally without user interaction, leading to significant impacts on integrity and availability as well. Remediation steps should focus on ensuring proper configuration of access permissions in the affected modules as outlined by Huawei’s security bulletin. Organizations are advised to monitor their systems for any signs of exploitation related to this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.