CVE-2024-48091

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Feb 7, 2025

Updated: Feb 10, 2025

CWE ID 427

Summary

CVE-2024-48091 is a newly disclosed vulnerability affecting Tally Prime Edit Log v2.1. The TextShaping.dll component in this software was found to be susceptible to DLL hijacking attacks. Successful exploitation of this vulnerability enables attackers to execute arbitrary code by replacing the genuine DLL with a malicious one. This poses a significant risk to users, as it could lead to unauthorized system access and potential data theft or corruption. It is important that users update their software to a patch released by the vendor to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/zT-rW2
https://www.cve.org/CVERecord?id=CVE-2024-48091
https://nvd.nist.gov/vuln/detail/CVE-2024-48091

Back to Vulnerability Database

CVE-2024-48091

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations