CVE-2024-24722
Published: 19 February 2024
Summary
CVE-2024-24722 is a critical-severity Unquoted Search Path or Element (CWE-428) vulnerability in 12Dsynergy 12Dsynergy. Its CVSS base score is 9.1 (Critical).
Operationally, ranked at the 36.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-22121
Vulnerability details
An unquoted service path vulnerability in the 12d Synergy Server and File Replication Server components may allow an attacker to gain elevated privileges via the 12d Synergy Server and/or 12d Synergy File Replication Server executable service path. This is fixed…
more
in 4.3.10.192, 5.1.5.221, and 5.1.6.235.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.