CVE-2024-7358

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 1, 2024
CWE ID 378

Summary

CVE-2024-7358 is a newly disclosed critical vulnerability affecting Point B Ltd's Getscreen Agent 2.19.6 on Windows systems. This issue lies within an unidentified functionality of the getscreen.msi file included in the installation component. Successful exploitation results in the creation of a temporary file with insecure permissions. Local access is necessary for an attacker to exploit this vulnerability, which has already been made public. The identifier VDB-273337 has been assigned to this issue. Despite early notification, the vendor was unable to provide a technical response in a timely manner.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share