CVE-2024-2495

Published Mar 15, 2024

Last updated 11 days ago

CVSS medium 5.2

Overview

Description: Cryptographic key vulnerability encoded in the FriendlyWrt firmware affecting version 2022-11-16.51b3d35. This vulnerability could allow an attacker to compromise the confidentiality and integrity of encrypted data.
Source: cve-coordination@incibe.es
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 4.4
Impact score: 2.5
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Severity: MEDIUM

Weaknesses

cve-coordination@incibe.es: CWE-1321

Hype score: Not currently trending

⚠️#INCIBEaviso | Múltiples vulnerabilidades en #SoftdialContactCenter #CVE CVE-2024-2493, CVE-2024-2494, CVE-2024-2495 https://t.co/Z0EG5nlPsu #AvisosDeSeguridad #CNA #0day https://t.co/JDwSswrkzC
@incibe_cert
18 Mar 2025
382 Impressions
2 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:friendlyelec:friendlywrt:2022-11-16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4CFBB066-9F30-4907-86F9-C4B9CC418709"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References