CVE-2024-11572:IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability (CVE-2024-11572)

splash
Back

Description Preview

The vulnerability identified as CVE-2024-11572 is a memory corruption issue in the way IrfanView parses DXF files. This flaw allows remote attackers to execute arbitrary code on systems running affected versions of IrfanView. Exploiting this vulnerability requires user interaction, such as visiting a malicious webpage or opening a malicious file. The lack of proper validation of user-supplied data during DXF file parsing leads to a memory corruption condition, which can be leveraged by attackers to execute code within the context of the affected process.

Overview

  • CVE ID: CVE-2024-11572
  • CVSS Base Score: 7.8 (High)
  • CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • CWE ID: CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer)
  • Affected Vendor: IrfanView
  • Affected Product: IrfanView
  • Affected Versions: 4.67.0.0, 4.67 (less than 4.70)

Remediation

To mitigate the vulnerability CVE-2024-11572, users and administrators are advised to take the following actions:

  1. Update IrfanView to a version that is not affected by the vulnerability (version 4.70 or later).
  2. Avoid opening DXF files from untrusted or unknown sources.
  3. Regularly check for security updates and patches from the vendor to ensure the software is up to date.
  4. Implement security best practices to minimize the risk of exploitation, such as using network segmentation and access controls.

References

  1. ZDI Advisory: ZDI-24-1570
  2. Common Weakness Enumeration (CWE): CWE-119
  3. CISA ADP Vulnrichment Details: [CISA ADP Vulnrichment](reference not provided)
  4. Vendor Advisory: No specific vendor advisory link provided.

Industry ExposureMost to least
This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.

  1. Manufacturing
    Manufacturing
  2. Public Administration
    Public Administration
  3. Health Care & Social Assistance
    Health Care & Social Assistance
  4. Arts, Entertainment & Recreation
    Arts, Entertainment & Recreation
  5. Educational Services
    Educational Services
  6. Transportation & Warehousing
    Transportation & Warehousing
  7. Finance and Insurance
    Finance and Insurance
  8. Information
    Information
  9. Professional, Scientific, & Technical Services
    Professional, Scientific, & Technical Services
  10. Retail Trade
    Retail Trade
  11. Utilities
    Utilities
  12. Accommodation & Food Services
    Accommodation & Food Services
  13. Administrative, Support, Waste Management & Remediation Services
    Administrative, Support, Waste Management & Remediation Services
  14. Agriculture, Forestry Fishing & Hunting
    Agriculture, Forestry Fishing & Hunting
  15. Construction
    Construction
  16. Management of Companies & Enterprises
    Management of Companies & Enterprises
  17. Mining
    Mining
  18. Other Services (except Public Administration)
    Other Services (except Public Administration)
  19. Real Estate Rental & Leasing
    Real Estate Rental & Leasing
  20. Wholesale Trade
    Wholesale Trade

Focus on What Matters

  1. See Everything.
  2. Identify True Risk.
  3. Proactively Mitigate Threats.

Let's talk!

background