CVE-2024-33039
CVSS 3.1 Score 6.7 of 10 (medium)
Details
Summary
CVE-2024-33039 is a memory corruption vulnerability that arises when the PAL client calls PAL service APIs with an unvalidated handle. The handle is passed as a random value, which is not checked for validity by the service. This issue can lead to arbitrary code execution and potential security breaches. Attackers can exploit this vulnerability by sending malicious handle values to the service, causing memory corruption and allowing them to execute malicious code. Organizations using the affected software should apply the necessary patches as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.