CVE-2024-2955

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Mar 26, 2024

Updated: Apr 19, 2024

CWE ID 762

Summary

CVE-2024-2955 is a denial-of-service vulnerability affecting Wireshark versions 4.2.0 to 4.0.3 and 4.0.0 to 4.0.13. The issue lies within the T.38 dissector and can be exploited through packet injection or crafted capture files. Successful exploitation results in a crash, causing Wireshark to become unresponsive, effectively denying service to the user. Network administrators and security teams are advised to update their Wireshark installations to the latest patched version to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Wireshark

Affected Vendors

Wireshark Foundation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/vC5Uqu
https://www.cve.org/CVERecord?id=CVE-2024-2955
https://nvd.nist.gov/vuln/detail/CVE-2024-2955

Back to Vulnerability Database