CVE-2024-21649

Summary

CVE-2024-21649 is a remote code execution vulnerability affecting the vantage6 technology, which is used for managing and deploying privacy-enhancing technologies like Federated Learning and Multi-Party Computation. Before version 4.2.0, authenticated users could inject malicious code into algorithm environment variables, leading to unintended execution of commands. This security flaw has been addressed and resolved in version 4.2.0.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.