CVE-2024-29971
Published: 10 January 2025
Description
Adversaries may exploit vulnerabilities to evade detection by hiding activity, suppressing logging, or operating within trusted or unmonitored components.
Security Summary
CVE-2024-29971 is an interface vulnerability in Scontain SCONE version 5.8.0 that leads to state corruption via injected signals. The vulnerability affects the SCONE software component developed by Scontain, with the CVE published on 2025-01-10. It is classified under CWE-Other and carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), marking it as critical severity.
Remote attackers require no privileges or user interaction to exploit this vulnerability over the network with low complexity. By injecting signals, attackers can corrupt the internal state of SCONE instances, resulting in high impacts to confidentiality, integrity, and availability.
Mitigation details and further information are available in the referenced advisories, including a proof-of-concept at https://github.com/ahoi-attacks/sigy/blob/main/pocs/scone/cve.md and the vendor site at https://scontain.com.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Vulnerability enables state corruption via injected signals in SCONE (confidential computing platform), facilitating exploitation for privilege escalation (T1068) and defense evasion by subverting enclave protections (T1211).