CVE-2024-5511

CVSS 3.0 Score 7.8 of 10 (high)

Details

Published Nov 22, 2024
CWE ID 125

Summary

CVE-2024-5511 is a Remote Code Execution vulnerability affecting Kofax Power PDF. This issue arises from improper validation of user-supplied data during JP2 file parsing, leading to an Out-Of-Bounds Read. For exploitation, a user must visit a malicious page or open a malicious file. Successful attacks can result in arbitrary code execution in the context of the current process. Originally identified as ZDI-CAN-22020.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share