CVE-2024-2229

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Mar 18, 2024

CWE ID 502

Summary

CVE-2024-2229 is a vulnerability categorized as CWE-502: Deserialization of Untrusted Data. It affects multiple products including u2QLfK, u2QK_a, and u2QK_Y. The vulnerability allows for remote code execution when a malicious project file is loaded into the application by a valid user. The risk score is 30, with a base severity of HIGH and a base score of 7.8. It requires user interaction and has a local attack vector. The potential danger includes high integrity and confidentiality impact, as well as potential availability impact. Remediation steps or further details are not provided in the given information.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future

Note: This is just a basic overview providing quick insights into CVE-2024-2229 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future

Gain complete coverage of your cyber, third party, and physical attack surface
Proactively mitigate threats before they turn into costly attacks
Make fast, effective, data-driven decisions

Book your demo

Sign in

Back to Vulnerability Database