CVE-2024-53407

CVSS 3.1 Score 3.3 of 10 (low)

Details

Published Jan 15, 2025
Updated: Jan 17, 2025
CWE ID 426

Summary

CVE-2024-53407 is a newly identified vulnerability in Phiewer 4.1.0. This issue permits attackers to execute arbitrary commands by injecting a dynamic library (dylib) file. Successful exploitation could result in remote control and unauthorized access to sensitive user data. The vulnerability arises due to insufficient validation of loaded dylib files, enabling attackers to manipulate the application's functionality and gain unauthorized privileges. Users are advised to update Phiewer as soon as a patch is available to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share