CVE-2024-45555

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jan 6, 2025
Updated: Jan 13, 2025
CWE ID 190
CWE ID 787

Summary

CVE-2024-45555 is a newly disclosed vulnerability affecting IFS2 system images. The issue arises when an already authenticated and verified IFS2 image is overwritten in memory. Contrary to the expected verification process, this manipulation bypasses the boot verification, paving the way for unauthorized programs to be injected into security-sensitive images. As a consequence, the affected system can be booted with a tampered IFS2 image, potentially compromising the system's integrity.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share