CVE-2024-20757

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Mar 18, 2024

CWE ID 125

Summary

CVE-2024-20757 is a newly disclosed vulnerability affecting Bridge versions 13.0.5 and 14.0.1 and older. This issue represents an out-of-bounds read vulnerability, which enables an attacker to access sensitive memory content. Such unauthorized access could potentially bypass important security mitigations like Address Space Layout Randomization (ASLR). Notably, exploitation of this vulnerability necessitates user interaction. A victim must open a maliciously crafted file to fall prey to an attack.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/u2-3jO
https://www.cve.org/CVERecord?id=CVE-2024-20757
https://nvd.nist.gov/vuln/detail/CVE-2024-20757

Back to Vulnerability Database

CVE-2024-20757

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations