CVE-2024-28955

Published Nov 26, 2024

Last updated 3 months ago

CVSS medium 5.9

Overview

Description
Affected devices create coredump files when crashed, storing them with world-readable permission. Any local user of the device can examine the coredump files, and research the memory contents. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].
Source
vultures@jpcert.or.jp
NVD status
Received

Risk scores

CVSS 3.1

Type
Secondary
Base score
5.9
Impact score
3.6
Exploitability score
2.2
Vector string
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity
MEDIUM

Weaknesses

vultures@jpcert.or.jp
CWE-732

Social media

Hype score
Not currently trending

  1. CVE-2024-28955 Affected devices create coredump files when crashed, storing them with world-readable permission. Any local user of the device can examine the coredump files, and res… https://t.co/DG7mgV7tSF

    @CVEnew

    26 Nov 2024

    388 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References