CVE-2024-22004

Published Apr 5, 2024

Last updated 7 months ago

CVSS critical 10.0

Overview

Description: Due to length check, an attacker with privilege access on a Linux Nonsecure operating system can trigger a vulnerability and leak the secure memory from the Trusted Application
Source: dsap-vuln-management@google.com
NVD status: Awaiting Analysis

Risk scores

CVSS 3.1

Type: Secondary
Base score: 10
Impact score: 6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Severity: CRITICAL

Weaknesses

dsap-vuln-management@google.com: CWE-125

Hype score: Not currently trending

⚠️ 🛜 Vulnerabilities Exposed: Join Sergei Volokitin at #hw_ioNL2024 as he analyzes the impact of CVE-2024-22004 and CVE-2024-22013 on the security of Google Nest Wi-Fi Routers! Know More: https://t.co/soOV54dTPy #googlenest #vulnerability #android https://t.co/GeEir4XcWX
@hardwear_io
Oct 25, 2024 12:45 PM
529 Impressions
3 Retweets
5 Likes
1 Bookmark
0 Replies
0 Quotes

References