CVE-2024-25454

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Feb 9, 2024

Updated: Feb 12, 2024

CWE ID 476

Summary

CVE-2024-25454 is a newly identified vulnerability in Bento4 v1.6.0-640. This issue involves a NULL pointer dereference in the AP4_DescriptorFinder::Test() function, which can lead to unintended application behavior or crashes. An attacker could potentially exploit this vulnerability to execute arbitrary code or cause denial-of-service conditions. Users of Bento4 are advised to update to a patched version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/ubj5uX
https://www.cve.org/CVERecord?id=CVE-2024-25454
https://nvd.nist.gov/vuln/detail/CVE-2024-25454

Back to Vulnerability Database

CVE-2024-25454

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations