CVE-2024-39813

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Feb 12, 2025

Updated: Feb 18, 2025

CWE ID 427

Summary

CVE-2024-39813 is a recently disclosed vulnerability affecting some versions of EPCT software. This issue involves an uncontrolled search path, which can potentially allow authenticated users to escalate their privileges via local access. By manipulating the software's search path, an attacker may gain elevated permissions, increasing the attack surface and potential impact on the system. EPCT software users are urged to upgrade to the latest version, 1.42.8.0, to mitigate this risk. This vulnerability could lead to significant security consequences if exploited, making it crucial for organizations and individuals to apply relevant patches promptly.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database