CVE-2024-49082
CVSS 3.1 Score 6.8 of 10 (medium)
Details
Summary
CVE-2024-49082 is a newly disclosed vulnerability affecting Microsoft Windows File Explorer. This information disclosure issue allows attackers to gain unintended access to file system information by manipulating specially crafted symbols in the File Explorer address bar. Successful exploitation may reveal sensitive information, posing a potential security risk to users. Microsoft has acknowledged the issue and encourages users to apply the forthcoming patch to mitigate the vulnerability. In the meantime, users are advised to be cautious when interacting with untrusted File Explorer inputs.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Microsoft Windows Server 2008
Affected Vendors
- Microsoft