CVE-2024-45237
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2024-45237 is a critical vulnerability affecting Fort versions prior to 1.6.3, where a malicious RPKI repository can exploit a buffer overflow due to improper handling of Key Usage extension data. The flaw arises from the program writing an unvalidated string into a 2-byte buffer, which poses significant risks to integrity, confidentiality, and availability within affected products, including various models in the yHXBY series. Remediation involves updating to the latest version of Fort that addresses this security issue. With an exploitability score of 3.9 and a base severity rating of 9.8, this vulnerability allows for potential remote attacks without user interaction or required privileges. Organizations using vulnerable versions are urged to apply patches promptly to mitigate these risks effectively.
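The bug class described in the summary, as an added example (not Fort's code and not part of the original page): a bounds-checked parser for the Key Usage BIT STRING content that rejects oversized input before anything is copied into the 2-byte buffer. The function name, constant and sample bytes are assumptions constructed for illustration; the 2-octet limit follows from Key Usage defining only bits 0 to 8.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define KU_MAX_OCTETS 2   /* Key Usage defines bits 0..8: at most 2 data octets */

/* Constructed sample inputs: BIT STRING content octets (tag and length already
 * stripped). The first octet is the DER "unused bits" count. */
static const uint8_t ku_ok[]       = { 0x07, 0x80 };   /* digitalSignature */
static const uint8_t ku_ca[]       = { 0x01, 0x06 };   /* keyCertSign | cRLSign */
static const uint8_t ku_too_long[] = { 0x00, 0xff, 0xff, 0xff, 0xff, 0xff };

/* Unsafe pattern matching the summary: a fixed 2-byte buffer filled with
 *     memcpy(ku, content + 1, len - 1);
 * where len comes from the repository-supplied object and is never bounded.
 * Hardened version (hypothetical name): returns 0 and stores the bits in *out,
 * or -1 on malformed or oversized input. Nothing is copied before validation. */
int parse_key_usage(const uint8_t *content, size_t len, uint16_t *out)
{
    uint8_t ku[KU_MAX_OCTETS] = { 0, 0 };
    size_t data_len;
    uint8_t unused;

    if (content == NULL || out == NULL || len < 1)
        return -1;
    unused = content[0];
    data_len = len - 1;
    if (unused > 7 || (data_len == 0 && unused != 0))
        return -1;                      /* invalid unused-bits count */
    if (data_len > sizeof(ku))
        return -1;                      /* would overflow the 2-byte buffer */
    memcpy(ku, content + 1, data_len);
    /* DER requires the unused trailing bits to be zero */
    if (data_len > 0 && (ku[data_len - 1] & ((1u << unused) - 1)) != 0)
        return -1;
    *out = (uint16_t)((ku[0] << 8) | ku[1]);
    return 0;
}

int main(void)
{
    uint16_t bits = 0;
    int ok = parse_key_usage(ku_ok, sizeof ku_ok, &bits) == 0 && bits == 0x8000
          && parse_key_usage(ku_ca, sizeof ku_ca, &bits) == 0 && bits == 0x0600
          && parse_key_usage(ku_too_long, sizeof ku_too_long, &bits) == -1;
    return ok ? 0 : 1;
}
```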