CVE-2024-9852

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 28, 2024
Updated: Dec 6, 2024
CWE ID 427

Summary

CVE-2024-9852 is a newly disclosed vulnerability affecting ICONICS GENESIS64, Mitsubishi Electric GENESIS64, and Mitsubishi Electric MC Works64 all versions. This Uncontrolled Search Path Element issue grants local authenticated attackers the ability to execute malicious code by planting a malicious DLL in a designated folder. The consequences of this vulnerability can range from information disclosure and tampering to denial of service conditions, making it a significant security concern. Users are strongly advised to update their software promptly to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share