CVE-2024-6787

MEDIUM Year: 2024
CVSS v3 Score
5.9
Medium
Weakness Type
CWE-367
View all →

Vulnerability Description

This vulnerability occurs when an attacker exploits a race condition between the time a file is checked and the time it is used (TOCTOU). By exploiting this race condition, an attacker can write arbitrary files to the system. This could allow the attacker to execute malicious code and potentially cause file losses.

Related Vulnerabilities

CVE-2018-1121

MEDIUM
CVSS:5.9(Medium)

procps-ng, procps is vulnerable to a process hiding through race condition. Since the kernel's proc_pid_readdir() returns PID entries in ascending numeric order, a process occupying a high PID can use...

CWE-3672018

CVE-2019-18644

MEDIUM
CVSS:5.9(Medium)

The malware scan function in Total Defense Anti-virus 11.5.2.28 is vulnerable to a TOCTOU bug; consequently, symbolic link attacks allow privileged files to be deleted.

CWE-3672019

CVE-2019-20000

MEDIUM
CVSS:5.9(Medium)

The malware scan function in BullGuard Premium Protection 20.0.371.8 has a TOCTOU issue that enables a symbolic link attack, allowing privileged files to be deleted.

CWE-3672019

CVE-2020-3808

MEDIUM
CVSS:5.9(Medium)

Creative Cloud Desktop Application versions 5.0 and earlier have a time-of-check to time-of-use (toctou) race condition vulnerability. Successful exploitation could lead to arbitrary file deletion.

CWE-3672020

CVE-2020-8890

MEDIUM
CVSS:5.9(Medium)

An issue was discovered in MISP before 2.4.121. It mishandled time skew (between the machine hosting the web server and the machine hosting the database) when trying to block a brute-force series of i...

CWE-3672020

CVE-2021-30342

MEDIUM
CVSS:5.9(Medium)

Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snap...

CWE-3672021