CVE-2024-25413

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Feb 16, 2024
Updated: Jan 13, 2025
CWE ID 91

Summary

CVE-2024-25413 is a newly disclosed vulnerability that affects the Import Jobs function of FireBear Improved Import And Export v3.8.6. This XSLT Server Side injection weakness enables attackers to execute arbitrary commands by crafting malicious XSLT files. Successful exploitation could lead to serious consequences, including unauthorized system access or data theft. Users are advised to update to the latest version of the software to mitigate this risk. Failure to do so may result in potential security breaches.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share