CVE-2024-20104

CVSS 3.1 Score 8.4 of 10 (high)

Details

Published Nov 4, 2024

CWE ID 787

Summary

CVE-2024-20104 is a newly disclosed vulnerability that affects the "in da" software. This issue involves a missing bounds check leading to an out-of-bounds write condition. The consequence of this vulnerability is the potential for local privilege escalation, allowing an attacker to elevate their privileges without requiring any additional execution privileges. User interaction is necessary for an attacker to successfully exploit this vulnerability. The patch for this issue is identified as ALPS09073261, and the Microsoft Security Vulnerability Database has assigned it the ID MSV-1772.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/0LSsJM
https://www.cve.org/CVERecord?id=CVE-2024-20104
https://nvd.nist.gov/vuln/detail/CVE-2024-20104

Back to Vulnerability Database

CVE-2024-20104

CVSS 3.1 Score 8.4 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations