CVE-2024-11791

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 28, 2024
Updated: Dec 3, 2024
CWE ID 121
CWE ID 787

Summary

CVE-2024-11791 is a remote code execution vulnerability affecting Fuji Electric Monitouch V-SFT. The issue stems from insufficient validation of user-supplied data in V8C file parsing, leading to a stack-based buffer overflow. An attacker can exploit this vulnerability by crafting a malicious file or webpage that, when accessed, triggers the buffer overflow and executes arbitrary code in the affected system's context. This vulnerability, also known as ZDI-CAN-24450, poses a significant risk to Fuji Electric Monitouch V-SFT installations.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share