CVE-2024-45555
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published Jan 6, 2025
Updated: Jan 13, 2025
CWE ID 190
CWE ID 787
Summary
CVE-2024-45555 is a newly disclosed vulnerability affecting IFS2 system images. The issue arises when an already authenticated and verified IFS2 image is overwritten in memory. Contrary to the expected verification process, this manipulation bypasses the boot verification, paving the way for unauthorized programs to be injected into security-sensitive images. As a consequence, the affected system can be booted with a tampered IFS2 image, potentially compromising the system's integrity.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share