CVE-2024-7399

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Aug 12, 2024

Updated: Aug 13, 2024

CWE ID 434

CWE ID 22

Summary

CVE-2024-7399 is a vulnerability affecting Samsung MagicINFO 9 Server versions prior to 21.1050. This issue involves an improper restriction of directory paths, which allows attackers to write arbitrary files with system authority. This vulnerability can potentially be exploited to gain unauthorized access or control over the affected system, posing a significant risk to its security. Users are strongly encouraged to update their Samsung MagicINFO 9 Server software to the latest version to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/xakOT5
https://www.cve.org/CVERecord?id=CVE-2024-7399
https://nvd.nist.gov/vuln/detail/CVE-2024-7399

Back to Vulnerability Database

CVE-2024-7399

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations