CVE-2024-8058

CVSS 3.1 Score 7.6 of 10 (high)

Details

Published Dec 16, 2024

CWE ID 125

CWE ID 1287

Summary

CVE-2024-8058 is a newly disclosed vulnerability affecting the FileZ client. This issue is classified as an improper parsing vulnerability, where a specially crafted file in the FileZ directory can manipulate the URL preloading feature, allowing unauthorized access and the reading of arbitrary files on the affected device. This vulnerability poses a significant risk to data confidentiality and should be addressed promptly by updating to the latest version of the FileZ client.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/x9Sr2t
https://www.cve.org/CVERecord?id=CVE-2024-8058
https://nvd.nist.gov/vuln/detail/CVE-2024-8058

Back to Vulnerability Database

CVE-2024-8058

CVSS 3.1 Score 7.6 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations