Memory Request Logic Vulnerability Threatens Integrity and Availability
CVE-2024-39672

7.1HIGH

Key Information:

Vendor: Unknown
Status: Harmonyos; Emui
Vendor: CVE Published:; 25 July 2024

What is CVE-2024-39672?

A vulnerability has been identified in the memory request logic of Huawei's memory module, which could lead to potential integrity and availability issues for the affected systems. Exploiting this weakness allows an attacker to manipulate memory requests, thereby compromising the reliable functioning of the memory module. As a result, organizations utilizing these affected products may experience degraded performance or unexpected system behavior, underscoring the importance of prompt updates and patches to mitigate these risks. Regular monitoring and security assessments are essential to safeguard against exploitation.

References

https://consumer.huawei.com/en/support/bulletin/2024/7/

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 25, 2024

Unknown

What is CVE-2024-39672?

References

CVSS V3.1

Timeline