CVE-2024-38177

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 13, 2024
Updated: Aug 16, 2024
CWE ID 116

Summary

CVE-2024-38177 is a newly discovered vulnerability affecting the Windows App Installer. Hackers can exploit this spoofing weakness to trick users into installing malicious software, potentially leading to system compromise. The vulnerability allows attackers to craft fraudulent installer packages, which can be disguised as trusted applications. Upon installation, the malware can gain elevated privileges, putting sensitive data at risk. This issue highlights the importance of verifying installer sources and keeping software up-to-date to mitigate potential threats.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share