CVE-2024-7542

CVSS 3.1 Score 3.3 of 10 (low)

Details

Published Aug 6, 2024

Updated: Aug 29, 2024

CWE ID 908

CWE ID 457

Summary

CVE-2024-7542 is an information disclosure vulnerability affecting oFono, a modem software component. An attacker can exploit this issue by gaining the ability to execute code on the target modem and then manipulating AT+CMGR commands. The root cause is the lack of proper memory initialization before access, enabling an attacker to disclose sensitive information. While this vulnerability doesn't directly allow code execution, it can be combined with other weaknesses to achieve that goal. (ZDI-CAN-23309)

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/xglZBZ
https://www.cve.org/CVERecord?id=CVE-2024-7542
https://nvd.nist.gov/vuln/detail/CVE-2024-7542

Back to Vulnerability Database

CVE-2024-7542

CVSS 3.1 Score 3.3 of 10 (low)

Details

Summary

Advisories, Assessments, and Mitigations