CVE-2024-47015

Medium CVSS 5.5

Overview

In ProtocolMiscHwConfigChangeAdapter::GetData() of protocolmiscadapter.cpp, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User Interaction is not needed for exploitation.

CWE: CWE-125 Published: 2024-10-25T11:15:16.570

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 5.5 (MEDIUM)
Detected tags: info_leak, oob_read (tag impact: LOW)

Recommended actions:

Reduce verbose errors, remove debug endpoints, minimize PII in logs.

Overview

Recommended tools

Tags