CVE-2024-20107

CVSS 3.1 Score 6.2 of 10 (medium)

Details

Published Nov 4, 2024

CWE ID 125

Summary

CVE-2024-20107 is a newly disclosed vulnerability in which a missing bounds check allows for an out-of-bounds read in the affected software. This issue could result in local information disclosure without requiring any additional execution privileges. Notably, user interaction is not necessary for an attacker to exploit this vulnerability. The patch for this issue is identified as ALPS09124360, and it is also referred to as MSV-1823. Organizations are encouraged to apply the patch as soon as possible to mitigate the risk of information disclosure.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/0LSsJO
https://www.cve.org/CVERecord?id=CVE-2024-20107
https://nvd.nist.gov/vuln/detail/CVE-2024-20107

Back to Vulnerability Database

CVE-2024-20107

CVSS 3.1 Score 6.2 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations