CVE-2024-4810

Summary

CVE-2024-4810 is a vulnerability that affects the register_device function. The issue arises from the unchecked return value of ida_simple_get, which can result in the use of an invalid index value. To remediate this vulnerability, it is recommended to check the index after ida_simple_get. If the index value is abnormal, a warning message should be displayed, the port should be dropped, and the value should be recorded. The potential danger to organizations is rated as medium severity with a base score of 5.3. The exploitability score is 0.8, indicating a relatively high likelihood of exploitation. The vulnerability requires low privileges and user interaction but has a high attack complexity and availability impact according to CVSS:3.1 metrics.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.