CVE-2024-45616

CVSS 3.1 Score 3.9 of 10 (low)

Details

Published Sep 3, 2024

Updated: Sep 4, 2024

CWE ID 457

Summary

CVE-2024-45616 identifies a vulnerability in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK that allows an attacker to exploit insufficient control over the response APDU buffer through a crafted USB device or Smart Card. This vulnerability poses a low severity risk with an exploitability score of 0.5, indicating that it requires physical access to the device and has high attack complexity. The potential impact includes low integrity and confidentiality risks to the affected products. Organizations should remediate this vulnerability by applying patches or updates provided by vendors as they become available. Failure to address this issue could lead to unauthorized access or manipulation of sensitive data communicated through affected systems.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database