CVE-2024-20836

CVSS 3.1 Score 3.3 of 10 (low)

Details

Published Mar 5, 2024

Summary

CVE-2024-20836 is a newly disclosed vulnerability that affects the ssmis_get_frm function in libsubextractor.so before the SMR Mar-2024 Release 1. This issue represents an Out-of-Bounds Read vulnerability, enabling local attackers to read memory outside of designated boundaries. By manipulating input, an adversary can exploit this weakness and gain unauthorized access to sensitive information, potentially leading to serious security consequences. It is highly recommended that users upgrade to the latest release of SMR as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uwp1l4
https://www.cve.org/CVERecord?id=CVE-2024-20836
https://nvd.nist.gov/vuln/detail/CVE-2024-20836

Back to Vulnerability Database

CVE-2024-20836

CVSS 3.1 Score 3.3 of 10 (low)

Details

Summary

Advisories, Assessments, and Mitigations