CVE-2024-8785

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Dec 2, 2024
Updated: Dec 9, 2024
CWE ID 648

Summary

CVE-2024-8785 is a newly disclosed vulnerability impacting WhatsUp Gold versions prior to 2024.0.1. An unauthenticated attacker can exploit this issue by manipulating NmAPI.exe to modify registry values in the HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Ipswitch\ path, potentially leading to serious system compromises. This vulnerability poses a significant risk, especially for organizations that have not yet applied the necessary patch.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Progress WhatsUp Gold

Affected Vendors

  • Progress Publishers