CVE-2024-52726
CVSS 3.1 Score 7.5 of 10 (high)
Details
Summary
CVE-2024-52726 is a newly disclosed vulnerability affecting CRMEB v5.4.0. This issue permits an attacker to conduct arbitrary file reading, giving them the ability to access sensitive information stored on the affected system. The vulnerability lies within the save_basics function, which fails to properly restrict file access. Successful exploitation could lead to the exposure of confidential data, potentially causing significant damage or data breaches. System administrators are advised to update CRMEB to a patched version as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.