Cyber Resilience

CVE-2024-3207

MediumPublic PoC

Published: 02 April 2024

Published
02 April 2024
Modified
25 April 2025
KEV Added
Patch
CVSS Score v3.1 5.5 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
EPSS Score 0.0021 43.1th percentile
Risk Priority 11 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-3207 is a medium-severity Heap-based Buffer Overflow (CWE-122) vulnerability in Ermig1979 Simd. Its CVSS base score is 5.5 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked at the 43.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

This vulnerability is AI-related — categorised as Computer Vision; in the Other ATLAS/OWASP Terms risk domain; MITRE ATLAS techniques in scope: External Harms (AML.T0048).

EU & UK References

Vulnerability details

A vulnerability was found in ermig1979 Simd up to 6.0.134. It has been declared as critical. This vulnerability affects the function ReadUnsigned of the file src/Simd/SimdMemoryStream.h. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the…

more

public and may be used. VDB-259054 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CWE(s)

AI Security AnalysisAI

AI Category
Computer Vision
Risk Domain
Other ATLAS/OWASP Terms
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
Simd (ermig1979/Simd) is a C++ library specializing in SIMD-optimized image processing and computer vision operations (e.g., filters, transformations, neural network primitives like convolutions), directly aligning with the Computer Vision category.

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1203 Exploitation for Client Execution Execution
Adversaries may exploit software vulnerabilities in client applications to execute code.
T1210 Exploitation of Remote Services Lateral Movement
Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.
Why these techniques?

Heap-based buffer overflow in Simd library's ReadUnsigned function enables remote unauthenticated arbitrary code execution via crafted input, facilitating T1203 (client-side exploitation) and T1210 (remote service exploitation depending on application deployment).

MITRE ATLAS TechniquesAI

MITRE ATLAS techniques

AML.T0048: External Harms

Affected Assets

ermig1979
simd
≤ 6.0.134

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References