CVE-2024-47576

CVSS 3.1 Score 3.3 of 10 (low)

Details

Published Dec 10, 2024
CWE ID 427

Summary

CVE-2024-47576 is a vulnerability affecting the SAP Product Lifecycle Costing Client application. Versions below 4.7.1 are impacted. The issue lies in the application's loading of a dynamic link library (DLL) from the operating system. An attacker could potentially replace this DLL with a malicious one, gaining the ability to execute commands as part of the SAP Product Lifecycle Costing Client Application. Although the impact on confidentiality is low, there is no effect on the application's integrity or availability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share