CVE-2024-11933
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published Nov 28, 2024
Updated: Dec 3, 2024
CWE ID 122
CWE ID 787
Summary
CVE-2024-11933 is a remote code execution vulnerability affecting Fuji Electric Monitouch V-SFT X1. The issue lies in the file parsing functionality, specifically in the X1 file format. The vulnerability arises due to improper validation of user-supplied data, leading to a heap-based buffer overflow. An attacker can exploit this flaw by creating a malicious page or file, compelling the target to interact with it. Successful exploitation grants the attacker the ability to execute arbitrary code in the context of the affected system. (ZDI-CAN-24548)
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Monitouch V-SFT