CVE-2024-11794

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 28, 2024
Updated: Dec 3, 2024
CWE ID 787

Summary

CVE-2024-11794 is a remote code execution vulnerability affecting Fuji Electric Monitouch V-SFT V10. The flaw arises from inadequate validation of user-supplied data during file parsing, leading to an out-of-bounds write condition. This vulnerability enables attackers to execute arbitrary code on susceptible installations by deceiving users into visiting a malicious webpage or opening a malicious file. The specific issue was discovered as ZDI-CAN-24504.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share