How severe is CVE-2024-7539?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.8 out of 10.

What type of vulnerability is CVE-2024-7539?

This is classified as CWE-121, which is a common weakness in software security.

CVE-2024-7539 - HIGH Severity | CVSS 7.8

Vulnerability Description

oFono CUSD Stack-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. The specific flaw exists within the parsing of responses from AT+CUSD commands. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-23195.

Related Vulnerabilities

CVE-2014-8184

HIGH

CVSS:7.8(High)

A vulnerability was found in liblouis, versions 2.5.x before 2.5.4. A stack-based buffer overflow was found in findTable() in liblouis. An attacker could create a malicious file that would cause appli...

CWE-1212014

CVE-2015-1007

HIGH

CVSS:7.8(High)

A specially crafted configuration file could be used to cause a stack-based buffer overflow condition in the OPCTest.exe, which may allow remote code execution on Opto 22 PAC Project Professional vers...

CWE-1212015

CVE-2017-12188

HIGH

CVSS:7.8(High)

arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest virtual address, which allows L1 guest ...

CWE-1212017

CVE-2017-16739

HIGH

CVSS:7.8(High)

An issue was discovered in WECON Technology LEVI Studio HMI Editor v1.8.29 and prior. Specially-crafted malicious files may be able to cause stack-based buffer overflow vulnerabilities, which may allo...

CWE-1212017

CVE-2017-16751

HIGH

CVSS:7.8(High)

A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial Automation Screen Editor, Version 2.00.23.00 or prior. Stack-based buffer overflow vulnerabilities caused by pr...

CWE-1212017

CVE-2018-11463

HIGH

CVSS:7.8(High)

A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions <...

CWE-1212018