CVE-2024-34612

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 7, 2024

Updated: Aug 12, 2024

CWE ID 787

Summary

CVE-2024-34612 is a newly disclosed vulnerability affecting libcodec2secmp4vdec.so. This issue permits local attackers to conduct out-of-bound writes, which can be exploited to execute arbitrary code. The flaw exists in software releases prior to the August 2024 Release 1 of SMR (Security Maintenance Release). By taking advantage of this vulnerability, attackers can potentially gain unauthorized control over affected systems. It is advised that users of the impacted software apply the upcoming security update to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Samsung Android

Affected Vendors

Samsung

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/vzgrx6
https://www.cve.org/CVERecord?id=CVE-2024-34612
https://nvd.nist.gov/vuln/detail/CVE-2024-34612

Back to Vulnerability Database