CVE-2024-21475

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published May 6, 2024

CWE ID 823

Summary

CVE-2024-21475 is a memory corruption vulnerability that arises when the firmware's expected protocol size is not matched by the payload received. This issue can lead to unintended code execution or denial of service, posing a significant threat to system stability and security. Attackers can exploit this vulnerability by sending specially crafted firmware updates to gain unauthorized access or disrupt normal operations. System administrators are advised to apply patches as soon as they become available to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vyjC0s
https://www.cve.org/CVERecord?id=CVE-2024-21475
https://nvd.nist.gov/vuln/detail/CVE-2024-21475

Back to Vulnerability Database

CVE-2024-21475

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations