CVE-2024-40568 — CRITICAL (9.8)

Vulnerability Description

Buffer Overflow vulnerability in btstack mesh commit before v.864e2f2b6b7878c8fab3cf5ee84ae566e3380c58 allows a remote attacker to execute arbitrary code via the pb_adv_handle_tranaction_cont function in the src/mesh/pb_adv.c component

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Related Weaknesses (CWE)

CWE-120

References

https://github.com/xiaobye-ctf/My-CVE/tree/main/BTstack/CVE-2024-40568

FAQ

What is CVE-2024-40568?

CVE-2024-40568 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Buffer Overflow vulnerability in btstack mesh commit before v.864e2f2b6b7878c8fab3cf5ee84ae566e3380c58 allows a remote attacker to execute arbitrary code via the pb_adv_handle_tranaction_cont function...

How severe is CVE-2024-40568?

CVE-2024-40568 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2024-40568?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.