CVE-2024-20752

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Mar 18, 2024

CWE ID 416

Summary

CVE-2024-20752 is a Use After Free vulnerability affecting Bridge versions 13.0.5 and 14.0.1 and earlier. This issue can lead to arbitrary code execution, giving an attacker the ability to run malicious code in the context of the current user. However, it's important to note that exploitation of this vulnerability requires user interaction, meaning a victim must open a specially crafted file for an attack to be successful. This vulnerability poses a significant risk if left unpatched and could lead to serious consequences.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/u2-3jI
https://www.cve.org/CVERecord?id=CVE-2024-20752
https://nvd.nist.gov/vuln/detail/CVE-2024-20752

Back to Vulnerability Database

CVE-2024-20752

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations