Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2024-20685

Published: 09/04/2024 Updated: 10/04/2024

Vulnerability Summary

This vulnerability allows remote malicious users to create a denial-of-service condition on affected installations of Microsoft Azure Private 5G Core. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of InitialUEMessage messages. The issue results from improper length validation. An attacker can leverage this vulnerability to create a denial-of-service condition on the 5G network.

Recent Articles

Microsoft April 2024 Patch Tuesday fixes 150 security flaws, 67 RCEs
BleepingComputer • Lawrence Abrams • 09 Apr 2024

Microsoft April 2024 Patch Tuesday fixes 150 security flaws, 67 RCEs By Lawrence Abrams April 9, 2024 01:34 PM 0 .crit { font-weight:bold; color:red; } .article_section td { font-size: 14px!important; } Today is Microsoft's April 2024 Patch Tuesday, which includes security updates for 150 flaws and sixty-seven remote code execution bugs. Only three critical vulnerabilities were fixed as part of today's Patch Tuesday, but there are over sixty-seven remote code execution bugs. More than half of th...

Read more...

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20685https://nvd.nist.govhttps://www.zerodayinitiative.com/advisories/ZDI-24-362/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002CVE-2006-4304CVE-2024-4336CVE-2024-33437CVE-2024-4340CVE-2024-27956privilegeinsecure direct object referenceXSSitem search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook