CVE-2024-11482
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Nov 29, 2024
CWE ID 78
Summary
CVE-2024-11482 is a newly identified vulnerability in ESM 11.6.10. This issue grants unauthenticated access to the internal Snowservice API, allowing attackers to execute remote code injections. Successful exploitation results in code execution with root privileges. This vulnerability poses a significant threat, as it can be leveraged by adversaries to gain unauthorized access and compromise affected systems. Organizations using ESM 11.6.10 are urged to apply the necessary patches as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- Trellix