CVE-2024-47573

MEDIUM Year: 2024
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-354
View all →

Vulnerability Description

An improper validation of integrity check value vulnerability [CWE-354] in FortiNDR version 7.4.2 and below, version 7.2.1 and below, version 7.1.1 and below, version 7.0.6 and below may allow an authenticated attacker with at least Read/Write permission on system maintenance to install a corrupted firmware image.

Related Vulnerabilities

CVE-2020-26141

MEDIUM
CVSS:6.5(Medium)

An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An advers...

CWE-3542020

CVE-2021-3772

MEDIUM
CVSS:6.5(Medium)

A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used an...

CWE-3542021

CVE-2022-25946

MEDIUM
CVSS:6.5(Medium)

On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP Advanced WAF, ASM, and ASM, and F5 BIG-IP Guided Configuration (GC) all versions prior to 9.0, when running in Applia...

CWE-3542022

CVE-2022-35961

MEDIUM
CVSS:6.5(Medium)

OpenZeppelin Contracts is a library for secure smart contract development. The functions `ECDSA.recover` and `ECDSA.tryRecover` are vulnerable to a kind of signature malleability due to accepting EIP-...

CWE-3542022

CVE-2022-45191

MEDIUM
CVSS:6.5(Medium)

An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio range can cause a denial of service by sending a pair confirm message with wrong values.

CWE-3542022

CVE-2022-46402

MEDIUM
CVSS:6.5(Medium)

The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) accepts PairCon_rmSend with incorrect values.

CWE-3542022