Known Vulnerabilities
CVE-2024-20082
In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01182594; Issue ID: MSV-1529.
CRITICAL
CVSS 9.8
Published Aug 14, 2024
CVE-2024-20070
In modem, there is a possible information disclosure due to using risky cryptographic algorithm during connection establishment negotiation. This could lead to remote information disclosure, when weak encryption algorithm is used, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00942482; Issue ID: MSV-1469.
MEDIUM
CVSS 5.1
Published Jun 03, 2024