CVE-2024-9136

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Sep 27, 2024
Updated: Sep 30, 2024
CWE ID 16

Summary

CVE-2024-9136 is an access permission verification vulnerability located in the App Multiplier module, affecting products including xs1aaV, xERK4Y, and syj3ra. The vulnerability has a medium severity rating with a base score of 6.7, indicating that it poses a potential risk to service confidentiality and can lead to unauthorized access if exploited. Successful exploitation requires high privileges and can be executed locally without user interaction, leading to significant impacts on integrity and availability as well. Remediation steps should focus on ensuring proper configuration of access permissions in the affected modules as outlined by Huawei’s security bulletin. Organizations are advised to monitor their systems for any signs of exploitation related to this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share