Systeminformation Security Update Advisory (CVE-2024-56334)

Overview

We have released a security update that addresses a vulnerability in systeminformation. Users of the affected product are advised to update to the latest version.

Affected Products

CVE-2024-56334

  • systeminformation versions: up to and including 5.23.6

Resolved Vulnerabilities

Malicious content in an SSID could be executed as an OS command, which could allow an attacker to achieve remote code execution or local privilege escalation (CVE-2024-56334).

Vulnerability Patches

Vulnerability patches have been made available in the latest updates. Follow the instructions on the referenced sites to update to the latest patched version.

CVE-2024-56334

  • systeminformation version: 5.23.7
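
The following added example, which is not part of the original advisory or of the systeminformation project, checks a parsed npm lockfile for installs in the affected range (up to and including 5.23.6), including copies nested under other packages. The sample lockfile and the package name host-metrics are constructed for illustration.

```javascript
// Added example (not project code): flag systeminformation installs affected by
// CVE-2024-56334. Per the advisory: affected up to and including 5.23.6, fixed in 5.23.7.
const NAME = 'systeminformation';
const FIXED = [5, 23, 7];
// Classify a version string as 'affected', 'fixed' or 'unknown'.
function classify(version) {
  const m = /^(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.-]+)?/.exec(String(version).trim());
  if (!m) return 'unknown'; // git URL, link, missing version: review by hand
  const parts = [Number(m[1]), Number(m[2]), Number(m[3])];
  for (let i = 0; i < 3; i++) {
    if (parts[i] !== FIXED[i]) return parts[i] < FIXED[i] ? 'affected' : 'fixed';
  }
  // Exactly 5.23.7: a prerelease tag cannot be judged from the number alone.
  return m[4] ? 'unknown' : 'fixed';
}

// List every installed copy, including copies nested under other packages.
function findInstalls(lock) {
  const found = [];
  if (lock.packages) {
    // lockfileVersion 2 and 3: flat map keyed by install path.
    for (const [path, meta] of Object.entries(lock.packages)) {
      if (path.split('node_modules/').pop() === NAME) found.push({ path, version: meta.version });
    }
    return found;
  }
  // lockfileVersion 1: nested "dependencies" tree.
  const walk = (deps, prefix) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const path = `${prefix}node_modules/${name}`;
      if (name === NAME) found.push({ path, version: meta.version });
      walk(meta.dependencies, `${path}/`);
    }
  };
  walk(lock.dependencies, '');
  return found;
}

function audit(lock) {
  return findInstalls(lock).map((i) => ({ ...i, status: classify(i.version) }));
}

// Constructed sample lockfile; "host-metrics" is a made-up dependent package.
const sampleLock = { lockfileVersion: 3, packages: {
  'node_modules/systeminformation': { version: '5.23.7' },
  'node_modules/host-metrics/node_modules/systeminformation': { version: '5.23.6' },
} };
console.log(audit(sampleLock));
```

To audit a real project, pass the parsed contents of its package-lock.json to audit().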

 

 

References

[1] CVE-2024-56334 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-56334

[2] Command injection vulnerability in getWindowsIEEE8021x (SSID)

https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-cvv5-9h9w-qp2m

[3] systeminformation/commit

https://github.com/sebhildebrandt/systeminformation/commit/f7af0a67b78e7894335a6cad510566a25e06ae41