CVE-2024-20122

CVSS 3.1 Score 4.4 of 10 (medium)

Details

Published Nov 4, 2024

Updated: Nov 5, 2024

CWE ID 125

Summary

CVE-2024-20122 is a newly identified cybersecurity vulnerability affecting the vdec component. The issue stems from a design flaw, leading to a potential out-of-bounds read. This vulnerability could result in local information disclosure, and system execution privileges are required for exploitation. Notably, user interaction is not necessary for an attacker to leverage this weakness. The patch for this issue is identified as ALPS09008925, and the internal reference is MSV-1572.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/0LSsJc
https://www.cve.org/CVERecord?id=CVE-2024-20122
https://nvd.nist.gov/vuln/detail/CVE-2024-20122

Back to Vulnerability Database

CVE-2024-20122

CVSS 3.1 Score 4.4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations