Vulnerability Description
An unquoted service path vulnerability in the 12d Synergy Server and File Replication Server components may allow an attacker to gain elevated privileges via the 12d Synergy Server and/or 12d Synergy File Replication Server executable service path. This is fixed in 4.3.10.192, 5.1.5.221, and 5.1.6.235.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| 12Dsynergy | 12Dsynergy | < 4.3.10.192 |
| 12Dsynergy | File Replication Server | < 4.3.10.192 |
Related Weaknesses (CWE)
References
- https://files.12dsynergy.com/downloads/download.aspxProduct
- https://help.12dsynergy.com/v1/docs/cve-2024-24722Vendor Advisory
- https://www.12dsynergy.com/security-statement/Product
- https://files.12dsynergy.com/downloads/download.aspxProduct
- https://help.12dsynergy.com/v1/docs/cve-2024-24722Vendor Advisory
- https://www.12dsynergy.com/security-statement/Product
FAQ
What is CVE-2024-24722?
CVE-2024-24722 is a vulnerability with a CVSS score of 9.1 (CRITICAL). An unquoted service path vulnerability in the 12d Synergy Server and File Replication Server components may allow an attacker to gain elevated privileges via the 12d Synergy Server and/or 12d Synergy ...
How severe is CVE-2024-24722?
CVE-2024-24722 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2024-24722?
Check the references section above for vendor advisories and patch information. Affected products include: 12Dsynergy 12Dsynergy, 12Dsynergy File Replication Server.