CVE-2024-2229
CVSS 3.1 Score 7.8 of 10 (high)
Details
Summary
CVE-2024-2229 is a vulnerability categorized as CWE-502: Deserialization of Untrusted Data. It affects multiple products including u2QLfK, u2QK_a, and u2QK_Y. The vulnerability allows for remote code execution when a malicious project file is loaded into the application by a valid user. The risk score is 30, with a base severity of HIGH and a base score of 7.8. It requires user interaction and has a local attack vector. The potential danger includes high integrity and confidentiality impact, as well as potential availability impact. Remediation steps or further details are not provided in the given information.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Advisories, Assessments, and Mitigations
Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future
- Gain complete coverage of your cyber, third party, and physical attack surface
- Proactively mitigate threats before they turn into costly attacks
- Make fast, effective, data-driven decisions