CVE-2024-38407

CVSS 3.1 Score 7.0 of 10 (high)

Details

Published Nov 4, 2024

Updated: Nov 7, 2024

CWE ID 367

Summary

CVE-2024-38407 is a newly identified vulnerability affecting the JPEG Encoder driver. This issue results in memory corruption during the processing of input parameters for any IOCTL (Input/Output Control) call. An attacker could exploit this vulnerability by sending maliciously crafted input to the driver, potentially leading to unintended code execution or denial of service conditions. Successful exploitation could result in significant security risks, including unauthorized system access or data theft. It is recommended that affected systems are updated with the latest driver patches to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/wflnXU
https://www.cve.org/CVERecord?id=CVE-2024-38407
https://nvd.nist.gov/vuln/detail/CVE-2024-38407

Back to Vulnerability Database

CVE-2024-38407

CVSS 3.1 Score 7.0 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations