CVE-2024-8778

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Sep 16, 2024
CWE ID 36

Summary

CVE-2024-8778 is a vulnerability found in OMFLOW from The SYSCOM Group, which fails to appropriately validate user input in its download feature, allowing remote attackers with standard privileges to access arbitrary system files. The affected products include yonWmI, yonWmH, and yoK7B4. This vulnerability poses a medium severity risk with high confidentiality impact, as it can lead to unauthorized access to sensitive information without requiring significant user interaction. To remediate this issue, it is recommended that organizations implement input validation measures and update their systems according to the latest security patches provided by the vendor. Exploitation of this vulnerability could significantly compromise data security within an organization.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share