CVE-2024-41781

CVSS 3.1 Score 5.1 of 10 (medium)

Details

Published Nov 22, 2024
CWE ID 497

Summary

CVE-2024-41781 is a vulnerability affecting IBM PowerVM Platform KeyStore in various firmware versions, including FW950.00 through FW1060.10. If an attacker manages to gain service access to the HMC, they can exploit this vulnerability to decrypt sensitive data stored in the Platform KeyStore. This compromises the security of encryption keys and other confidential information, potentially leading to data breaches and unauthorized system access. The decryption process involves a series of service procedures, allowing the attacker to bypass the encryption and gain unauthorized access to the data.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share