CVE Radar Logo
CVERadar
CVE Radar Logo
CVERadar

CVE-2024-0772

High Severity
Nsasoft
SVRS
47/100
CVSSv3
5.5/10
EPSS
0.00041/1

CVE-2024-0772 is a vulnerability in Nsasoft ShareAlarmPro 2.1.4 allowing for memory corruption. Specifically, a problematic flaw exists in the Registration Handler component. By manipulating the Name/Key argument, attackers with local access can trigger memory corruption. Public exploits are available. This vulnerability, identified as VDB-251672, poses a risk to system stability. While its CVSS score is 5.5, the SOCRadar Vulnerability Risk Score (SVRS) of 47 suggests a moderate risk level, even though it's below the critical threshold of 80. Organizations using Nsasoft ShareAlarmPro 2.1.4 should investigate and monitor for potential exploits, despite the vendor's lack of response. The memory corruption could lead to unpredictable application behavior or even system crashes, highlighting the need for vigilance.

TAGS
No tags available
VECTOR STRING
CVSS:3.1
AV:L
AC:L
PR:L
UI:N
S:U
C:N
I:N
A:H
PUBLICATION DATE2024-01-22
LAST MODIFIED2024-10-21

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence
Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.
CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs

News

No news found for this CVE

Social Media

No tweets found for this CVE

Affected Software

Configuration 1
TypeVendorProduct
AppNsasoftsharealarmpro

References

ReferenceLink
[email protected]https://vuldb.com/?ctiid.251672
[email protected]https://vuldb.com/?id.251672
[email protected]https://youtu.be/WIeWeuXbkiY
GITHUBhttps://youtu.be/WIeWeuXbkiY

CWE Details

CWE IDCWE NameDescription
CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferThe software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
CWE-787Out-of-bounds WriteThe software writes data past the end, or before the beginning, of the intended buffer.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence