CVE-2024-45167

Summary

CVE-2024-45167 identifies a critical vulnerability in UCI IDOL 2 (versions up to 2.12) that stems from improper input validation, deserialization issues, and insufficient memory buffer operation restrictions. This vulnerability affects various products including x4-eQ9, x4-eQ8, and x486oy, among others. It can lead to Denial-of-Service (DoS) attacks and potentially allow for remote code execution, with a significant impact on system availability and data integrity. Organizations are advised to remediate this issue by implementing the latest patches available from UCI's official site to mitigate risks associated with high CPU consumption caused by specific XmlMessage documents. The CVSS score for this vulnerability is 9.8, indicating a high level of risk requiring immediate attention.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.