CVE-2024-11308

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Nov 18, 2024
Updated: Nov 20, 2024
CWE ID 321

Summary

CVE-2024-11308 is a vulnerability affecting the DVC tool from TRCore. The issue arises due to the use of a hardcoded key for file encryption. Malicious actors can exploit this weakness to decrypt the encrypted files, thereby gaining access to the original content. This vulnerability poses a significant risk to data security and confidentiality. Organizations using the DVC tool from TRCore are strongly advised to apply the necessary patches or updates to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share