CVE-2024-22222

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Feb 12, 2024
Updated: Feb 16, 2024
CWE ID 78

Summary

CVE-2024-22222 is a vulnerability found in Dell Unity versions prior to 5.4. It is categorized as an OS Command Injection Vulnerability within the svc_udoctor utility. This vulnerability can be exploited by an authenticated malicious user with local access, potentially leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. The affected products include ncySni, ib5_CZ, and uVqxAH. To remediate this vulnerability, organizations should update their Dell Unity software to version 5.4 or later. This vulnerability poses a high potential danger to organizations as it can allow unauthorized execution of commands on the affected system, compromising its integrity and confidentiality.

Leverage our Vulnerability Intelligence module to secure your systems now - get detailed insights on CVE-2024-37364. Book your demo today.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-22222 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options