CVE-2024-12399

Summary

CVE-2024-12399 is a newly identified vulnerability, classified as CWE-924. This issue involves improper message integrity enforcement during transmission in a communication channel. An attacker can exploit this weakness by performing a man-in-the-middle attack, resulting in partial loss of confidentiality, loss of integrity, and potential disruption of availability for Human-Machine Interfaces (HMI). The attacker intercepts the communication, allowing them to manipulate data and potentially gain unauthorized access or cause harm. Users are strongly advised to apply patches or updates as soon as they become available to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.