CVE-2024-0210

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jan 3, 2024

Updated: Jan 10, 2024

CWE ID 674

Summary

CVE-2024-0210 is a newly disclosed vulnerability affecting Wireshark version 4.2.0. It allows an attacker to trigger a crash in the Zigbee TLV (Type-Length-Value) dissector through packet injection or a crafted capture file. This issue can result in a denial of service, disrupting network traffic analysis and potentially hindering diagnostic efforts. The precise cause of the crash remains undisclosed, but users are advised to update to the latest Wireshark release to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Wireshark

Affected Vendors

Wireshark Foundation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/uAgKBg
https://www.cve.org/CVERecord?id=CVE-2024-0210
https://nvd.nist.gov/vuln/detail/CVE-2024-0210

Back to Vulnerability Database