CVE-2024-11618
CVSS 2.0 Score 7.5 of 10 (high)
Details
Summary
CVE-2024-11618 is a newly disclosed critical vulnerability affecting the IPC Unigy Management System version 04.03.00.08.0027. The issue lies within the HTTP Request Handler component, which has an unknown functionality that is exploitable. This vulnerability enables an attacker to conduct server-side request forgery, allowing them to manipulate server requests remotely. The exploit for this vulnerability has been made public, increasing the risk for potential attacks. Despite early disclosure to the vendor, they have not responded or taken any action to address the issue.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.