CVE-2024-20687

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jan 9, 2024

Updated: May 29, 2024

CWE ID 125

Summary

CVE-2024-20687 is a newly disclosed vulnerability affecting Microsoft's AllJoyn API. This issue allows an attacker to launch a Denial of Service (DoS) attack by sending malicious traffic to a targeted system. The vulnerability exists due to insufficient input validation in the API. An attacker can exploit this flaw to cause the API to consume excessive resources, leading to a denial of service condition. Microsoft has released a patch to address this vulnerability, and it is strongly recommended that users install the update as soon as possible to protect against potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uFf9Dj
https://www.cve.org/CVERecord?id=CVE-2024-20687
https://nvd.nist.gov/vuln/detail/CVE-2024-20687

Back to Vulnerability Database

CVE-2024-20687

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations