CVE-2024-4175
CVSS 3.1 Score 5.4 of 10 (medium)
Details
Published Apr 25, 2024
CWE ID 20
Summary
CVE-2024-4175 is a Unicode transformation vulnerability affecting Hyperion version 2.0.15. Malicious payloads containing Unicode characters can be sent to the system, which will be replaced by ASCII characters upon processing. This vulnerability could potentially be exploited by attackers to execute arbitrary code or commands. The exact impact of this issue depends on the specific application and configuration of the Hyperion system. Organizations running affected versions of Hyperion are advised to apply the forthcoming patch to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share