CVE-2024-20678
CVSS 3.1 Score 8.8 of 10 (high)
Details
Published Apr 9, 2024
Updated: Apr 10, 2024
CWE ID 843
Summary
CVE-2024-20678 is a remote code execution vulnerability affecting the Remote Procedure Call (RPC) runtime. An attacker can exploit this weakness by sending specially crafted RPC packets to a targeted system, leading to arbitrary code execution with the privileges of the RPC service. Successful exploitation could result in unauthorized system access, data theft, or further malicious activities. Organizations are advised to apply the available patches promptly to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share