CVE-2024-34677

CVSS 3.1 Score 3.3 of 10 (low)

Details

Published Nov 6, 2024
Updated: Nov 12, 2024
CWE ID 922

Summary

CVE-2024-34677 is a newly disclosed cybersecurity vulnerability that affects System UI prior to the November 2024 Release 1. This issue exposes sensitive information, allowing local attackers to make malicious apps appear as legitimate. By exploiting this vulnerability, attackers can bypass security measures and potentially gain unauthorized access to user data or install malware. The exposure of this sensitive information increases the risk of phishing attacks and other forms of cybercrime. Users are advised to install the SMR Nov-2024 Release 1 as soon as it becomes available to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share