CVE-2024-49048

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Nov 12, 2024

Updated: Nov 13, 2024

CWE ID 94

Summary

CVE-2024-49048 is a newly disclosed vulnerability affecting TorchGeo, a geospatial data processing software. This issue permits an attacker to execute arbitrary code remotely, granting unauthorized access and potential data theft. The vulnerability exists in the TorchGeo Server component, which processes geospatial data requests. Successful exploitation occurs when the software fails to properly validate user-supplied input, allowing an attacker to inject and execute malicious code. Organizations using TorchGeo are urged to apply patches promptly to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/zagCte
https://www.cve.org/CVERecord?id=CVE-2024-49048
https://nvd.nist.gov/vuln/detail/CVE-2024-49048

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners

CVE-2024-49048

CVSS 3.1 Score 8.1 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations