Overview
- Description
- A vulnerability was found in OpenSight Software FlashFXP 5.4.0.3970. It has been classified as critical. Affected is an unknown function in the library libcrypto-1_1.dll of the file FlashFXP.exe. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
- Source
- cna@vuldb.com
- NVD status
- Awaiting Analysis
Risk scores
CVSS 4.0
- Type
- Secondary
- Base score
- 8.5
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
CVSS 3.1
- Type
- Secondary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Secondary
- Base score
- 6.8
- Impact score
- 10
- Exploitability score
- 3.1
- Vector string
- AV:L/AC:L/Au:S/C:C/I:C/A:C
Weaknesses
- cna@vuldb.com
- CWE-427
Social media
- Hype score
- Not currently trending
CVE-2024-10068 (CVSS:7.8, HIGH) is Awaiting Analysis. A vulnerability was found in OpenSight Software FlashFXP 5.4.0.3970. It has been classified as critical. Affected is an ..https://t.co/6KhmqAtpvE #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
22 Oct 2024
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-10068 A vulnerability was found in OpenSight Software FlashFXP 5.4.0.3970. It has been classified as critical. Affected is an unknown function in the library libcrypto-1_1.… https://t.co/kPSr5zEMcW
@CVEnew
433 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
[CVE-2024-10068: HIGH] Critical vulnerability discovered in OpenSight Software FlashFXP 5.4.0.3970! Exploit allows uncontrolled search path manipulation locally. Vendor unresponsive to disclosure.#cybersecurity,#vulnerability https://t.co/WB1ol99K1K https://t.co/ZdjyzhGpye
@CveFindCom
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Alerta de Vulnerabilidad: CVE-2024-10068 🚨 Detectada en OpenSight Software FlashFXP 5.4.0.3970, esta vulnerabilidad ha sido clasificada como crítica. Afecta a la función desconocida en la librería `libcrypto-1_1.dll` del archivo `FlashFXP.exe`, lo que provoca una búsqueda de
@antu_tech
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes