CVE-2024-42017

Summary

CVE-2024-42017 identifies a critical vulnerability in Atos Eviden iCare versions 2.7.1 through 2.7.11, which exposes a local web interface that can be exploited if remotely accessible. This vulnerability allows attackers to execute arbitrary commands with system privileges without requiring authentication, posing significant risks to the integrity, confidentiality, and availability of affected systems. The impacted products include various models such as zF698F and zF8aq-. To remediate this issue, organizations should restrict remote access to the application and apply any available security patches from the vendor. With a CVSS score of 10.0, this vulnerability is categorized as critical due to its potential for severe impact on organizational security.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.