CVE Radar Logo
CVERadar
CVE Radar Logo
CVERadar

CVE-2024-7240

Medium Severity
SVRS
30/100
CVSSv3
NA/10
EPSS
0.00022/1

CVE-2024-7240 is a newly published vulnerability with currently limited information. Initial reports indicate it is a potential security risk, though detailed descriptions are not yet available. With a SOCRadar Vulnerability Risk Score (SVRS) of 30, the threat level is currently considered low, but it is tagged as "In The Wild", which means it has been spotted being actively exploited in real-world scenarios, demanding increased attention and monitoring. While a CVSS score of 0 suggests a minimal immediate impact from the traditional quantitative perspective, the "In The Wild" tag and the SVRS warrant careful observation for further developments. Organizations should monitor for updates and vendor patches related to CVE-2024-7240, preparing for potential mitigation efforts if the risk score increases. Immediate action might not be required, but awareness and proactive monitoring are crucial given its active exploitation. The absence of a detailed description highlights the need for continuous vigilance.

TAGS
In The Wild
VECTOR STRING
PUBLICATION DATE2024-08-03
LAST MODIFIED2024-08-03

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence
Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.
CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs

News

Breaking Barriers and Assumptions: Techniques for Privilege Escalation on Windows: Part 2
Michael DePlante and Nicholas Zubrisky2024-07-31
Breaking Barriers and Assumptions: Techniques for Privilege Escalation on Windows: Part 2 | The number of vulnerabilities that we see through the program provides significant insight into the attack surfaces of each product that we purchase bugs in. These submissions sometimes reveal not only potential variants but also broader architectural flaws. Submitters frequently choose to provide a full exploit with their submission, which can further reveal interesting techniques. Some of these techniques are so versatile that they end up being useful in the exploitation of several products that all share common functionality. The technique
cve-2024-7240
cve-2024-7234
cve-2024-7227
cve-2024-0353
CVE-2024-7240 | F-Secure Total link following (ZDI-24-1012)
vuldb.com2024-07-30
CVE-2024-7240 | F-Secure Total link following (ZDI-24-1012) | A vulnerability classified as critical was found in F-Secure Total. Affected by this vulnerability is an unknown functionality. The manipulation leads to link following. This vulnerability is known as CVE-2024-7240. The attack needs to be approached locally. There is no exploit available.
cve-2024-7240
domains
urls
cves
ZDI-24-1012: (0Day) F-Secure Total Link Following Local Privilege Escalation Vulnerability
2024-07-29
ZDI-24-1012: (0Day) F-Secure Total Link Following Local Privilege Escalation Vulnerability | This vulnerability allows local attackers to escalate privileges on affected installations of F-Secure Total. User interaction on the part of an administrator is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.3. The following CVEs are assigned: CVE-2024-7240.
cve-2024-7240
cves
privilege escalation
action

Social Media

[ZDI-24-1012|CVE-2024-7240] (0Day) F-Secure Total Link Following Local Privilege Escalation Vulnerability (CVSS 7.3; Credit: Nicholas Zubrisky (@NZubrisky) and Michael DePlante (@izobashi) of Trend Micro's Zero Day Initiative) https://t.co/Wmhajd99mD
0
0
0

Affected Software

No affected software found for this CVE

References

No references found for this CVE

CWE Details

No CWE details found for this CVE

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence