CVE-2024-20743

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Feb 15, 2024
Updated: Feb 16, 2024
CWE ID 787

Summary

CVE-2024-20743 is a newly disclosed vulnerability affecting Substance3D's Painter software versions 9.1.1 and older. This issue involves an out-of-bounds write vulnerability, which can potentially allow an attacker to execute arbitrary code. The exploitation of this flaw necessitates user interaction, requiring the victim to open a maliciously crafted file. Successful attacks could lead to significant security risks, emphasizing the importance of updating to the latest version of Painter to mitigate this threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share