CVE-2024-20883

CVSS 3.1 Score 6.2 of 10 (medium)

Details

Published Jun 4, 2024

Summary

CVE-2024-20883 is a vulnerability affecting the BatteryStatsService prior to the SMR Jun-2024 Release 1. This issue arises due to an incorrect usage of privileged APIs in the registerBatteryStatsCallback function. Consequently, local attackers can exploit this vulnerability to gain access to privileged APIs. The misuse of these APIs poses a significant security risk, enabling unauthorized actions on the system. The vulnerability has been addressed in the SMR Jun-2024 Release 1, and users are advised to update their systems promptly to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/wRRY9r
https://www.cve.org/CVERecord?id=CVE-2024-20883
https://nvd.nist.gov/vuln/detail/CVE-2024-20883

Back to Vulnerability Database

CVE-2024-20883

CVSS 3.1 Score 6.2 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations