CVE-2024-27940

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published May 14, 2024

CWE ID 89

Summary

CVE-2024-27940 is a newly discovered vulnerability affecting all versions of RUGGEDCOM CROSSBOW below V5.5. This issue grants any authenticated user the ability to execute arbitrary SQL commands on the SQL server. An attacker can potentially exploit this vulnerability to gain unauthorized access and compromise the entire database. This weakness could lead to significant data breaches and system compromises. Organizations using RUGGEDCOM CROSSBOW are urged to update to the latest version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/v7IOOh
https://www.cve.org/CVERecord?id=CVE-2024-27940
https://nvd.nist.gov/vuln/detail/CVE-2024-27940

Back to Vulnerability Database

CVE-2024-27940

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations