CVE-2024-7576

In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a code execution attack is possible through an insecure deserialization vulnerability.
Configurations

Configuration 1 (hide)

cpe:2.3:a:telerik:ui_for_wpf:*:*:*:*:*:*:*:*

History

03 Oct 2024, 13:51

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.8
v2 : unknown
v3 : 9.8
First Time Telerik
Telerik ui For Wpf
CPE cpe:2.3:a:telerik:ui_for_wpf:*:*:*:*:*:*:*:*
References () https://docs.telerik.com/devtools/wpf/knowledge-base/unsafe-deserialization-cve-2024-7576 - () https://docs.telerik.com/devtools/wpf/knowledge-base/unsafe-deserialization-cve-2024-7576 - Vendor Advisory

26 Sep 2024, 13:32

Type Values Removed Values Added
Summary
  • (es) En las versiones de Telerik UI para WPF anteriores al tercer trimestre de 2024 (2024.3.924), es posible un ataque de ejecución de código a través de una vulnerabilidad de deserialización insegura.

25 Sep 2024, 14:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-25 14:15

Updated : 2024-10-03 13:51


NVD link : CVE-2024-7576

Mitre link : CVE-2024-7576

CVE.ORG link : CVE-2024-7576


JSON object : View

Products Affected

telerik

  • ui_for_wpf
CWE
CWE-502

Deserialization of Untrusted Data