CVE-2024-45168

Summary

CVE-2024-45168 is a critical vulnerability affecting UCI IDOL 2 (version 2.12) and associated products, including x4-eQ9, x4-eQ8, and others. The issue arises from data being transferred over a raw socket without any authentication, rendering the communication endpoints unverifiable. This vulnerability has a base severity score of 9.1, indicating high potential impacts on confidentiality and integrity, with an exploitability score of 3.9 due to its low attack complexity and lack of required privileges for exploitation. Organizations utilizing these products are at risk of unauthorized access to sensitive data. Remediation efforts should focus on implementing proper authentication mechanisms to secure data transmission within their systems.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.