CVE-2024-41972

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Nov 18, 2024

CWE ID 35

Summary

CVE-2024-41972 is a newly disclosed vulnerability that allows a low-privileged remote attacker to overwrite an arbitrary file on the system. This action could potentially result in an arbitrary file read with root privileges, granting the attacker significant access to the affected system. The specifics of the vulnerability are not detailed, but it's essential to note that an attacker needs only low privileges to exploit it. System administrators are encouraged to prioritize patches for this vulnerability to mitigate the associated risks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/xOlWvA
https://www.cve.org/CVERecord?id=CVE-2024-41972
https://nvd.nist.gov/vuln/detail/CVE-2024-41972

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Russia-Aligned TAG-110 Targets Tajikistan with Macro-Enabled Word Documents

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Know What Matters

For Customers

For Partners

CVE-2024-41972

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations