CVE Database · CVE-2024-43488
CVSS v3.1
8.8
EPSS
1.13%
Published
Oct 8, 2024
Modified
Oct 21, 2024
Public PoC / Exploit
All weaponized →No public PoC or exploit code indexed for this CVE.
Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
Missing authentication for critical function in Visual Studio Code extension for Arduino allows an unauthenticated attacker to perform remote code execution through network attack vector.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HWeaknesses (CWE)
Affected Products (1)
References (1)