CVSS 3.1 Score 7.8 of 10 (high)


Published Mar 18, 2024
CWE ID 502


CVE-2024-2229 is a vulnerability categorized as CWE-502: Deserialization of Untrusted Data. It affects multiple products including u2QLfK, u2QK_a, and u2QK_Y. The vulnerability allows for remote code execution when a malicious project file is loaded into the application by a valid user. The risk score is 30, with a base severity of HIGH and a base score of 7.8. It requires user interaction and has a local attack vector. The potential danger includes high integrity and confidentiality impact, as well as potential availability impact. Remediation steps or further details are not provided in the given information.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-2229 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options