CVE-2024-35288
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published: Oct 9, 2024
Updated: Nov 21, 2024
Summary
CVE-2024-35288 is a newly disclosed vulnerability affecting Nitro PDF Pro versions before 13.70.8.82 and 14.x before 14.26.1.0. The issue allows Local Privilege Escalation through the MSI Installer, enabling a local attacker to run cmd.exe as NT AUTHORITY\SYSTEM. The vulnerability arises because custom actions are executed unsafely in repair mode: during repair, CertUtil is launched in a conhost.exe window that runs with SYSTEM privileges, which gives an attacker an opportunity to trigger cmd.exe execution from that window using CTRL+O.
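The process chain the advisory describes (MSI repair launching CertUtil, from whose console a SYSTEM cmd.exe appears) is what endpoint telemetry can be checked for. The following is an added detection example, not code from the advisory or from Nitro; it assumes process-creation records with pid, parent pid, image name and user, and it assumes conhost.exe sits between certutil.exe and cmd.exe, so it only requires msiexec.exe and certutil.exe somewhere in the ancestry rather than a fixed depth.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class ProcEvent:
    """One process-creation record (shape constructed for this example)."""
    pid: int
    ppid: int
    image: str  # executable file name, lower-case
    user: str   # account the process runs as


def lineage(events, pid):
    """Return [process, parent, grandparent, ...] for pid, stopping at gaps or cycles."""
    by_pid = {e.pid: e for e in events}
    chain, seen = [], set()
    cur = by_pid.get(pid)
    while cur is not None and cur.pid not in seen:
        seen.add(cur.pid)
        chain.append(cur)
        cur = by_pid.get(cur.ppid)
    return chain


def find_installer_shells(events):
    """PIDs of cmd.exe running as SYSTEM whose ancestors include both
    msiexec.exe and certutil.exe, i.e. the chain described for CVE-2024-35288."""
    hits = []
    for e in events:
        if e.image != "cmd.exe" or e.user.upper() != "NT AUTHORITY\\SYSTEM":
            continue
        parents = {a.image for a in lineage(events, e.pid)[1:]}
        if {"msiexec.exe", "certutil.exe"} <= parents:
            hits.append(e.pid)
    return hits


# Constructed sample events (not real telemetry): an MSI repair that spawns
# certutil.exe in a console, from which a SYSTEM cmd.exe appears, plus benign noise.
SAMPLE_EVENTS = [
    ProcEvent(100, 4,   "msiexec.exe",  "NT AUTHORITY\\SYSTEM"),
    ProcEvent(200, 100, "certutil.exe", "NT AUTHORITY\\SYSTEM"),
    ProcEvent(300, 200, "conhost.exe",  "NT AUTHORITY\\SYSTEM"),
    ProcEvent(400, 300, "cmd.exe",      "NT AUTHORITY\\SYSTEM"),
    ProcEvent(500, 4,   "explorer.exe", "DESKTOP\\alice"),
    ProcEvent(600, 500, "cmd.exe",      "DESKTOP\\alice"),          # user's own shell
    ProcEvent(700, 100, "certutil.exe", "NT AUTHORITY\\SYSTEM"),    # repair without a shell
]

if __name__ == "__main__":
    print(find_installer_shells(SAMPLE_EVENTS))  # [400]
```

A CertUtil child of msiexec.exe on its own is expected during a legitimate repair; the alert condition is the SYSTEM cmd.exe beneath it.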