CVE-2024-9325

Summary

CVE-2024-9325 is a newly discovered critical vulnerability that impacts Intelbras InControl up to version 2.21.56. The issue lies within the unquoted search path of the file C:\\Program Files (x86)\\Intelbras\\Incontrol Cliente\\incontrol_webcam\\incontrol-service-watchdog.exe. An attacker can exploit this vulnerability to launch an attack on the local host. Upgrading to Intelbras InControl version 2.21.58 is the recommended solution to address this issue. The vendor was informed of the vulnerability on 2024-08-05 and initially planned to release a fixed version by the end of August 2024, but the release was later postponed until 2024-09-20.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.