CVE-2024-45492

Summary

CVE-2024-45492 is a vulnerability found in libexpat versions prior to 2.6.3, which can lead to an integer overflow in the nextScaffoldPart function on 32-bit platforms. Affected products include various models denoted as hAicIB, hAicIA, cJsLr-, and several others, with a total of over 30 identified. The vulnerability has a high severity rating with a base score of 7.3 and can be exploited remotely without requiring user interaction, posing risks primarily to the integrity of systems. Remediation involves updating libexpat to version 2.6.3 or later, as indicated by patches available on GitHub. Organizations should act swiftly to mitigate potential impacts from this network-exploitable vulnerability, which could lead to compromised system functions despite low confidentiality and availability impacts.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.