2 changes (1 new | 1 updated):

- 1 new CVEs: CVE-2024-51440 - 1 updated CVEs: CVE-2024-51324
athu-tran · Feb 12, 2025 · 5d6978d · 5d6978d
1 parent d1e9119
commit 5d6978d
Show file tree

Hide file tree

Showing 2 changed files with 120 additions and 2 deletions.
diff --git a/cves/2024/51xxx/CVE-2024-51324.json b/cves/2024/51xxx/CVE-2024-51324.json
@@ -5,7 +5,7 @@
         "cveId": "CVE-2024-51324",
         "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
         "assignerShortName": "mitre",
-        "dateUpdated": "2025-02-11T21:55:13.811Z",
+        "dateUpdated": "2025-02-12T21:49:04.193Z",
         "dateReserved": "2024-10-28T00:00:00.000Z",
         "datePublished": "2025-02-11T00:00:00.000Z"
     },
@@ -50,7 +50,69 @@
                     ]
                 }
             ]
-        }
+        },
+        "adp": [
+            {
+                "problemTypes": [
+                    {
+                        "descriptions": [
+                            {
+                                "type": "CWE",
+                                "cweId": "CWE-269",
+                                "lang": "en",
+                                "description": "CWE-269 Improper Privilege Management"
+                            }
+                        ]
+                    }
+                ],
+                "metrics": [
+                    {
+                        "cvssV3_1": {
+                            "scope": "UNCHANGED",
+                            "version": "3.1",
+                            "baseScore": 3.8,
+                            "attackVector": "NETWORK",
+                            "baseSeverity": "LOW",
+                            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
+                            "integrityImpact": "LOW",
+                            "userInteraction": "NONE",
+                            "attackComplexity": "LOW",
+                            "availabilityImpact": "NONE",
+                            "privilegesRequired": "HIGH",
+                            "confidentialityImpact": "LOW"
+                        }
+                    },
+                    {
+                        "other": {
+                            "type": "ssvc",
+                            "content": {
+                                "timestamp": "2025-02-12T21:47:17.335146Z",
+                                "id": "CVE-2024-51324",
+                                "options": [
+                                    {
+                                        "Exploitation": "poc"
+                                    },
+                                    {
+                                        "Automatable": "no"
+                                    },
+                                    {
+                                        "Technical Impact": "partial"
+                                    }
+                                ],
+                                "role": "CISA Coordinator",
+                                "version": "2.0.3"
+                            }
+                        }
+                    }
+                ],
+                "title": "CISA ADP Vulnrichment",
+                "providerMetadata": {
+                    "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+                    "shortName": "CISA-ADP",
+                    "dateUpdated": "2025-02-12T21:49:04.193Z"
+                }
+            }
+        ]
     },
     "dataVersion": "5.1"
 }
diff --git a/cves/2024/51xxx/CVE-2024-51440.json b/cves/2024/51xxx/CVE-2024-51440.json
@@ -0,0 +1,56 @@
+{
+    "dataType": "CVE_RECORD",
+    "cveMetadata": {
+        "state": "PUBLISHED",
+        "cveId": "CVE-2024-51440",
+        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
+        "assignerShortName": "mitre",
+        "dateUpdated": "2025-02-12T21:55:59.221Z",
+        "dateReserved": "2024-10-28T00:00:00.000Z",
+        "datePublished": "2025-02-12T00:00:00.000Z"
+    },
+    "containers": {
+        "cna": {
+            "providerMetadata": {
+                "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
+                "shortName": "mitre",
+                "dateUpdated": "2025-02-12T21:55:59.221Z"
+            },
+            "descriptions": [
+                {
+                    "lang": "en",
+                    "value": "An issue in Nothing Tech Nothing OS v.2.6 allows a local attacker to escalate privileges via the NtBpfService component."
+                }
+            ],
+            "affected": [
+                {
+                    "vendor": "n/a",
+                    "product": "n/a",
+                    "versions": [
+                        {
+                            "version": "n/a",
+                            "status": "affected"
+                        }
+                    ]
+                }
+            ],
+            "references": [
+                {
+                    "url": "https://sharedobject.blog/posts/nothing-bpf/"
+                }
+            ],
+            "problemTypes": [
+                {
+                    "descriptions": [
+                        {
+                            "type": "text",
+                            "lang": "en",
+                            "description": "n/a"
+                        }
+                    ]
+                }
+            ]
+        }
+    },
+    "dataVersion": "5.1"
+}