CVE-2024-34674
CVSS 3.1 Score 4.6 of 10 (medium)
Details
Summary
CVE-2024-34674 is a new vulnerability affecting Contacts prior to the SMR Nov-2024 Release 1. This issue involves improper access control, enabling physical attackers to bypass security restrictions and access data across multiple user profiles. The consequence of this vulnerability could lead to unauthorized access and potential data breaches. Users are strongly encouraged to update their Contacts software to the latest release as soon as possible to mitigate this risk. This vulnerability could have significant implications for organizations with multiple users, as it may allow attackers to gain access to sensitive data without proper authorization.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.