Cyber Resilience

CVE-2024-52269

High

Published: 04 December 2024

Modified: 15 April 2026
KEV Added:
Patch:
CVSS Score v4: 8.2
CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red
EPSS Score: 0.0018 (39.0th percentile)
Risk Priority: 17 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-52269 is a high-severity User Interface (UI) Misrepresentation of Critical Information (CWE-451) vulnerability in Loom (inferred from references). Its CVSS base score is 8.2 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Masquerading (T1036). The CVE ranks at the 39.0th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related: it is categorised under Enterprise AI Assistants, in the Other ATLAS/OWASP Terms risk domain.

Vulnerability details

User Interface (UI) Misrepresentation of Critical Information vulnerability in DocuSign allows Content Spoofing. The SaaS AI assistant ignores hidden content that is rendered after signing, misleading the user. For reference, see CVE-2024-52276. This issue affects DocuSign through 2024-12-04.

AI Security Analysis

AI Category: Enterprise AI Assistants
Risk Domain: Other ATLAS/OWASP Terms
OWASP Top 10 for LLMs 2025: None mapped
Classification Reason: The vulnerability explicitly affects the SaaS AI assistant in DocuSign, which aligns with Enterprise AI Assistants as it involves an enterprise-grade AI feature in a SaaS platform for document processing.

Related Threats

MITRE ATT&CK Enterprise Techniques

T1036 Masquerading (Stealth): Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools.
T1027 Obfuscated Files or Information (Stealth): Adversaries may attempt to make an executable or file difficult to discover or analyze by encrypting, encoding, or otherwise obfuscating its contents on the system or in transit.
T1566 Phishing (Initial Access): Adversaries may send phishing messages to gain access to victim systems.

Why these techniques?

Content spoofing via UI misrepresentation enables obfuscation of malicious document content (T1027), masquerading as legitimate (T1036), and facilitates phishing by misleading users and bypassing AI review during signing (T1566).

Affected Assets

Loom
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.
