CVE-2024-7193
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Summary
CVE-2024-7193 is a newly disclosed vulnerability affecting Mp3tag up to version 3.26d. This issue resides in the tak_deco_lib.dll library of the DLL Handler component, resulting in an uncontrolled search path. An attacker can exploit this flaw to launch an attack on a local host. The exploit for this vulnerability has been made public, increasing the risk to users. Upgrading to version 3.26e is recommended to mitigate this issue. The vulnerability has been assigned the identifier VDB-272614. Notably, the vendor responded promptly and released a fixed version of the product.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- mp3tag
Affected Vendors
- Florian Heidenreich