CVE-2024-7399

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Aug 12, 2024
Updated: Aug 13, 2024
CWE ID 434
CWE ID 22

Summary

CVE-2024-7399 is a vulnerability affecting Samsung MagicINFO 9 Server versions prior to 21.1050. This issue involves an improper restriction of directory paths, which allows attackers to write arbitrary files with system authority. This vulnerability can potentially be exploited to gain unauthorized access or control over the affected system, posing a significant risk to its security. Users are strongly encouraged to update their Samsung MagicINFO 9 Server software to the latest version to mitigate this threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share