CVE-2024-11933

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 28, 2024
Updated: Dec 3, 2024
CWE ID 122
CWE ID 787

Summary

CVE-2024-11933 is a remote code execution vulnerability affecting Fuji Electric Monitouch V-SFT X1. The flaw is in the file parsing functionality, specifically the handling of the X1 file format. User-supplied data is not properly validated, which leads to a heap-based buffer overflow. Exploitation requires user interaction: the attacker creates a malicious page or file and must get the target to interact with it. Successful exploitation lets the attacker execute arbitrary code in the context of the affected system. (ZDI-CAN-24548)
