CVE-2024-0771
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Published Jan 21, 2024
Updated: May 17, 2024
CWE ID 119
CWE ID 787
Summary
CVE-2024-0771 is a newly disclosed vulnerability affecting Nsasoft Product Key Explorer version 4.0.9. This issue lies within the Registration Handler component and arises from a memory corruption flaw triggered by manipulating the Name/Key argument. An attacker must be in a local environment to exploit this vulnerability, which has already been made public. Despite early contact, the vendor has not responded to disclosure attempts. This vulnerability, identified as VDB-251671, poses a significant risk to users who have not yet patched their systems.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share