CVE-2024-26288

CVSS 3.1 Score 8.7 of 10 (high)

Details

Published Mar 12, 2024

CWE ID 319

Summary

CVE-2024-26288 is a newly disclosed vulnerability that allows an unauthenticated remote attacker to manipulate communication between devices due to the absence of encryption for sensitive data during transmission. This issue can potentially enable a man-in-the-middle (MITM) attack, posing a significant security risk. Charging functionality remains unaffected by this vulnerability. Device owners are strongly advised to implement encryption protocols and keep their systems updated to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uip2IB
https://www.cve.org/CVERecord?id=CVE-2024-26288
https://nvd.nist.gov/vuln/detail/CVE-2024-26288

Back to Vulnerability Database

CVE-2024-26288

CVSS 3.1 Score 8.7 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations