CVE-2024-31669
CVSS 3.1 Score 7.5 of 10 (high)
Details
Summary
CVE-2024-31669 is a newly disclosed vulnerability affecting rizin, a popular PE (Portable Executable) tool, before its Release v0.6.3. The issue enables attackers to induce uncontrolled resource consumption through three distinct functions: bin_pe_parse_imports, Pe_r_bin_pe_parse_var, and estimate_slide. By manipulating the input data, an adversary can trigger resource exhaustion, potentially leading to denial-of-service (DoS) attacks, system instability, or even crashes. Successful exploitation of this vulnerability could hinder the targeted system's performance and create significant operational disruptions.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.