CVE-2024-39840

Summary

CVE-2024-39840 is a newly disclosed vulnerability in Factorio, a popular open-source manufacturing game. This issue allows a malicious server to execute arbitrary code on clients by exploiting certain Lua base module functions. These functions, when used with a specifically crafted map, can execute bytecode and generate fake objects, effectively bypassing the game's security measures. The impact of this vulnerability could result in unauthorized access to clients' systems, data theft, or other malicious activities. Users of Factorio are strongly advised to update to version 1.1.101 or later as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.