CVE-2024-22123
CVSS 3.1 Score 2.7 of 10 (low)
Details
Published Aug 12, 2024
CWE ID 94
Summary
CVE-2024-22123 is a newly disclosed vulnerability that allows an attacker to manipulate SMS media messages, exploiting the functionality that converts these media files into Linux device files for GSM modem communication. By setting the media file to an arbitrary Linux file, such as a log file, the zabbix_server software attempts to communicate with it as a modem, resulting in the log file being damaged with AT commands and exposing a small portion of the file content in the UI.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- Zabbix LLC