← voltar
CVE-2024-47560

CVE-2024-47560

CVSS 7.8 HIGHEPSS 0.2%CWE-863
Vexday Risk Score
21Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 7.8EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
01 out 2024Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
RevoWorks Cloud Client 3.0.91 and earlier contains an incorrect authorization vulnerability. If this vulnerability is exploited, unintended processes may be executed in the sandbox environment. Even if malware is executed in the sandbox environment, it does not compromise the client's local environment. However, information in the sandbox environment may be disclosed to outside or behaviors of the sandbox environment may be violated by tampering registry.
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Produtos afetados
J’s Communication Co., Ltd. · RevoWorks Cloud Client

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://jscom.jp/news-20240918/https://jvn.jp/en/jp/JVN39280069/