CVE-2024-27945

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published May 14, 2024

CWE ID 73

Summary

CVE-2024-27945 is a newly disclosed vulnerability affecting RUGGEDCOM CROSSBOW systems with versions below V5.5. The issue centers around the bulk import feature, which enables privileged users to upload files to the root directory of the system. Malicious actors could exploit this vulnerability by replacing specific files, potentially leading to data tampering or even remote code execution. This poses a significant security risk and requires immediate attention from affected organizations to apply the necessary patch or mitigation measures.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/v7IOOr
https://www.cve.org/CVERecord?id=CVE-2024-27945
https://nvd.nist.gov/vuln/detail/CVE-2024-27945

Back to Vulnerability Database

CVE-2024-27945

CVSS 3.1 Score 7.2 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations