CVE-2024-45204
CVSS 3.0 Score 7.7 of 10 (high)
Details
Published Dec 4, 2024
Updated: Dec 6, 2024
CWE ID 863
Summary
CVE-2024-45204 is a newly disclosed vulnerability that allows a low-privileged user to illicitly obtain NTLM hashes of saved credentials through insufficient permissions in credential handling. By exploiting this weakness, attackers can potentially gain access to sensitive information and impersonate other users, leading to broader security risks beyond the initial targeted system. The vulnerability may have serious implications for organizations that rely on NTLM authentication and could necessitate immediate remediation efforts.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share