CVE-2024-52989

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Dec 10, 2024
Updated: Dec 18, 2024
CWE ID 191

Summary

CVE-2024-52989 is a newly disclosed vulnerability affecting Animate versions 23.0.8 and earlier. This issue involves an Integer Underflow, which can result in arbitrary code execution when a user opens a specially crafted file. The vulnerability occurs due to the failure to properly check for integer underflow conditions, leading to unexpected data behavior and potential code execution in the context of the current user. This vulnerability poses a significant risk, especially for users who open untrusted files, and requires immediate attention from Animate software users and administrators.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share