CVE-2024-4175

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Apr 25, 2024
CWE ID 20

Summary

CVE-2024-4175 is a Unicode transformation vulnerability affecting Hyperion version 2.0.15. Malicious payloads containing Unicode characters can be sent to the system, which will be replaced by ASCII characters upon processing. This vulnerability could potentially be exploited by attackers to execute arbitrary code or commands. The exact impact of this issue depends on the specific application and configuration of the Hyperion system. Organizations running affected versions of Hyperion are advised to apply the forthcoming patch to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share