CVE-2024-47001

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Sep 18, 2024
Updated: Sep 20, 2024
CWE ID 912

Summary

CVE-2024-47001 identifies a hidden functionality vulnerability in multiple digital video recorders manufactured by TAKENAKA ENGINEERING CO., LTD., which could allow a remote authenticated attacker to execute arbitrary operating system commands or modify device settings. Affected products include models such as yxDrDD, y02IZ8, y02IZ9, and others. The vulnerability has a high severity rating with a CVSS score of 8.8, indicating significant risks related to integrity and confidentiality due to the low privileges required for exploitation and the absence of user interaction. To remediate this issue, it is recommended that organizations monitor for updates from the manufacturer and apply any necessary patches or mitigations as soon as they become available. Failure to address this vulnerability could lead to unauthorized access and control over critical systems, posing serious risks to organizational security.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share