CVE-2024-56317
CVSS Score
7.5
EPSS Score
0.0%
EPSS Percentile
0th
In Matter (aka connectedhomeip or Project CHIP) through 1.4.0.0, the WriteAcl function deletes all existing ACL entries first, and then attempts to recreate them based on user input. If input validation fails during decoding, the process stops, and no entries are restored by access-control-server.cpp, i.e., a denial of service.
| CWE | CWE-281 |
| Vendor | matter |
| Product | matter |
| Published | Dec 18, 2024 |
| Last Updated | Jan 2, 2025 |
Stay Ahead of the Next One
Get instant alerts for matter matter
Be the first to know when new high vulnerabilities affecting matter matter are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Matter / Matter
0 โค 1.4.0.0