CVE-2024-52545

Summary

An unauthenticated attacker can perform an out of bounds heap read in the IQ Service (TCP port 9876). This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111.

Affected Software

VendorProductVersion RangeStatus
Lorex2K Indoor Wi-Fi Security Camera0 < 2.800.0000000.8.R.20241111affected

Weaknesses

  • CWE-125: CWE-125 Out-of-bounds Read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References