CVE-2024-7886
Published: 16 August 2024
Summary
CVE-2024-7886 is a high-severity Untrusted Search Path (CWE-426) vulnerability. Its CVSS base score is 8.5 (High).
Operationally, ranked at the 19.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-48729
Vulnerability details
A vulnerability has been found in Scooter Software Beyond Compare up to 3.3.5.15075 and classified as critical. Affected by this vulnerability is an unknown functionality in the library 7zxa.dll. The manipulation leads to uncontrolled search path. Attacking locally is a…
more
requirement. The real existence of this vulnerability is still doubted at the moment. The vendor explains that a system must be breached before exploiting this issue. They are not planning on making any changes to address it.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.