CVE-2024-10771

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Dec 6, 2024
CWE ID 94

Summary

CVE-2024-10771 is a newly disclosed vulnerability that puts products at risk due to inadequate input validation during a firmware update process. By exploiting this weakness, an attacker with network access and Service user level can execute arbitrary system commands in the root user's contexts, leading to potential serious consequences. This vulnerability could allow an attacker to gain full control over the affected system, potentially leading to data theft, system damage, or further exploitation. Organizations using the affected product are advised to apply the necessary patches as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share