CVE-2024-47556

Summary

CVE-2024-47556 is a high-severity vulnerability characterized by pre-authentication remote code execution (RCE) via path traversal, affecting several Xerox products, including FreeFlow Core v7.0. The vulnerability has an exploitability score of 1.6 and a CVSS base score of 8.3, indicating a significant risk to confidentiality, integrity, and availability without requiring user interaction or elevated privileges. To remediate this issue, organizations should refer to the Xerox Security Bulletin XRX24-014 for guidance on patching affected systems. The potential danger posed includes unauthorized access and manipulation of sensitive data within the network, particularly from adjacent network vectors. Organizations utilizing these products are urged to act promptly to mitigate risks associated with this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.