Cyber Resilience

CVE-2024-9781

High

Published: 10 October 2024

Published
10 October 2024
Modified
25 November 2024
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.0018 38.9th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-9781 is a high-severity Improper Handling of Missing Values (CWE-230) vulnerability in Wireshark Wireshark. Its CVSS base score is 7.8 (High).

Operationally, ranked at the 38.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

AppleTalk and RELOAD Framing dissector crash in Wireshark 4.4.0 and 4.2.0 to 4.2.7 allows denial of service via packet injection or crafted capture file

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

wireshark
wireshark
4.4.0 · 4.2.0 — 4.2.8

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References