CVE-2024-54110

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Dec 12, 2024
CWE ID 269

Summary

CVE-2024-54110 is a newly disclosed cross-process screen stack vulnerability affecting the UIExtension module. This issue allows an attacker to manipulate the screen stack of another process, potentially compromising the confidentiality of system services. The exact implications of this vulnerability are still being evaluated, but it is clear that successful exploitation could lead to significant security risks. The UIExtension module is a critical component, making this a concerning finding for organizations that rely on it. Mitigation strategies are currently being developed, but in the meantime, it is recommended that affected systems be closely monitored and updated as soon as a patch becomes available.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share