all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

ZDI-24-439: Microsoft Windows Bluetooth AVDTP Protocol Integer Underflow Remote Code Execution Vulnerability

Add to bookmarks
May 9, 2024, 5 a.m. |

ZDI: Published Advisories www.zerodayinitiative.com

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must connect a malicious Bluetooth device. The ZDI has assigned a CVSS rating of 7.6. The following CVEs are assigned: CVE-2023-24948.

arbitrary code attackers bluetooth code code execution connect cve cves cvss device exploit integer malicious microsoft microsoft windows network protocol rating remote code remote code execution target vulnerability windows zdi

Visit resource

More from www.zerodayinitiative.com / ZDI: Published Advisories

ZDI-24-483: Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability 1 day, 9 hours ago | www.zerodayinitiative.com
acrobat acrobat reader adobe adobe acrobat +20
ZDI-24-482: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability 1 day, 9 hours ago | www.zerodayinitiative.com
acrobat acrobat reader adobe adobe acrobat +18
ZDI-24-481: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability 1 day, 9 hours ago | www.zerodayinitiative.com
acrobat acrobat reader adobe adobe acrobat +18
ZDI-24-480: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability 1 day, 9 hours ago | www.zerodayinitiative.com
acrobat acrobat reader adobe adobe acrobat +18
ZDI-24-479: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability 1 day, 9 hours ago | www.zerodayinitiative.com
acrobat acrobat reader adobe adobe acrobat +18
ZDI-24-478: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability 1 day, 9 hours ago | www.zerodayinitiative.com
acrobat acrobat reader adobe adobe acrobat +18
ZDI-24-477: Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability 1 day, 9 hours ago | www.zerodayinitiative.com
acrobat acrobat reader adobe adobe acrobat +20
ZDI-24-476: (Pwn2Own) QNAP TS-464 HLS_tmp Directory Traversal Arbitrary File Creation Vulnerability 1 day, 9 hours ago | www.zerodayinitiative.com
arbitrary code attackers authentication code +14
ZDI-24-475: (Pwn2Own) QNAP TS-464 File Upload Directory Traversal Arbitrary File Creation Vulnerability 1 day, 9 hours ago | www.zerodayinitiative.com
arbitrary files attackers authentication cve +16

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Principal Security Research Engineer (Prisma Cloud)

@ Palo Alto Networks | Bengaluru, India
View on infosec-jobs.com

National Security Solutions Fall 2024 Co-Op - Positioning, Navigation and Timing (PNT) Intern

@ KBR, Inc. | USA, Beavercreek Township, 4027 Colonel Glenn Highway, Suite 300, Ohio
View on infosec-jobs.com

Sr Principal Embedded Security Software Engineer

@ The Aerospace Corporation | HIA32: Cedar Rapids, IA 400 Collins Rd NE , Cedar Rapids, IA, 52498-0505 USA
View on infosec-jobs.com