CVE-2024-7193

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Jul 29, 2024
CWE ID 427

Summary

CVE-2024-7193 is a newly disclosed vulnerability affecting Mp3tag up to version 3.26d. This issue resides in the tak_deco_lib.dll library of the DLL Handler component, resulting in an uncontrolled search path. An attacker can exploit this flaw to launch an attack on a local host. The exploit for this vulnerability has been made public, increasing the risk to users. Upgrading to version 3.26e is recommended to mitigate this issue. The vulnerability has been assigned the identifier VDB-272614. Notably, the vendor responded promptly and released a fixed version of the product.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • mp3tag

Affected Vendors

  • Florian Heidenreich