CVE-2024-41929

Summary

CVE-2024-41929 is an improper authentication vulnerability affecting multiple digital video recorders manufactured by TAKENAKA ENGINEERING CO., LTD, including models yxDrDD, y02IZ8, and others. This flaw allows a remote authenticated attacker to execute arbitrary operating system commands or modify device settings with low privileges and without user interaction. The vulnerability has a high severity rating with a CVSS base score of 8.8, indicating significant potential impacts on confidentiality, integrity, and availability. Organizations using the affected products should implement available patches or updates from the vendor to mitigate the risks associated with this vulnerability. Failure to address this issue could lead to unauthorized access and potential compromise of sensitive data.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.