CVE-2024-25678

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Feb 9, 2024

Updated: Feb 15, 2024

Summary

CVE-2024-25678 is a vulnerability affecting the LiteSpeed QUIC (LSQUIC) Library prior to version 4.0.4. This issue involves a mishandled DCID (Datagram Congestion Control ID) validation process in the library. Attackers can exploit this vulnerability to launch unspecified attacks, potentially resulting in denial-of-service conditions or other malicious activities. To mitigate this risk, it is recommended that users upgrade to the latest version of the LiteSpeed QUIC Library.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/udSleU
https://www.cve.org/CVERecord?id=CVE-2024-25678
https://nvd.nist.gov/vuln/detail/CVE-2024-25678

Back to Vulnerability Database

CVE-2024-25678

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations