CVE-2024-49406

CVSS 3.1 Score 4.4 of 10 (medium)

Details

Published Nov 6, 2024

Updated: Nov 13, 2024

CWE ID 354

Summary

CVE-2024-49406 is a vulnerability affecting the Blockchain Keystore software before version 1.3.16. An attacker with local access can exploit this flaw by bypassing the integrity check, enabling them to manipulate transactions. This issue poses a significant risk as root privileges are required to trigger the vulnerability. Attackers can potentially steal or modify digital assets, posing a serious threat to users. Organizations and individuals using this software are strongly advised to update to the latest version to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Samsung

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/zgiUzD
https://www.cve.org/CVERecord?id=CVE-2024-49406
https://nvd.nist.gov/vuln/detail/CVE-2024-49406

Back to Vulnerability Database

CVE-2024-49406

CVSS 3.1 Score 4.4 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations