CVE-2024-8969

Summary

CVE-2024-8969 is a vulnerability identified in OMFLOW from The SYSCOM Group, which exposes sensitive data by allowing remote attackers who have logged in to access password hashes of all users and administrators. Affected products include ys6oW3 and ys6oHZ. The vulnerability has a medium severity rating with a CVSS base score of 6.5, indicating a high confidentiality impact and low required privileges for exploitation. To remediate the issue, organizations should apply security patches provided by the vendor as soon as they become available. If left unaddressed, this vulnerability poses significant risks to data security within an organization, potentially leading to unauthorized access and credential compromise.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.