CVE-2024-21473

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Apr 1, 2024
Updated: Jan 13, 2025
CWE ID 787
CWE ID 20

Summary

CVE-2024-21473 is a newly disclosed vulnerability that allows an attacker to corrupt memory when redirecting log files to an arbitrary file location with an unchecked filename. This issue can potentially lead to code injection, privilege escalation, or denial of service attacks. The vulnerability is memory corruption in nature and can be exploited through a maliciously crafted log file redirection command. Organizations are advised to apply patches or workarounds as soon as they become available to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share