CVE-2024-10771
CVSS 3.1 Score 8.8 of 10 (high)
Details
Summary
CVE-2024-10771 is a newly disclosed vulnerability that puts products at risk due to inadequate input validation during a firmware update process. By exploiting this weakness, an attacker with network access and Service user level can execute arbitrary system commands in the root user's contexts, leading to potential serious consequences. This vulnerability could allow an attacker to gain full control over the affected system, potentially leading to data theft, system damage, or further exploitation. Organizations using the affected product are advised to apply the necessary patches as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.