CVE-2024-11798

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 28, 2024
Updated: Dec 3, 2024
CWE ID 787

Summary

CVE-2024-11798 is a remote code execution vulnerability affecting Fuji Electric Monitouch V-SFT X1 file parsing. The flaw is rooted in insufficient validation of user-supplied data, leading to an out-of-bounds write condition. Attackers can exploit this vulnerability by crafting malicious X1 files or web pages. Successful exploitation allows the execution of arbitrary code in the context of the affected system. This vulnerability, originally reported as ZDI-CAN-24663, poses a significant threat to installations of Fuji Electric Monitouch V-SFT.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share