
Samsung MagicINFO flaw exploited days after PoC exploit publication

  • May 6, 2025

Jasper_The_Rasper
Moderator

May 6, 2025 By Pierluigi Paganini

 

Threat actors started exploiting a vulnerability in Samsung MagicINFO only days after a PoC exploit was published.

Arctic Wolf researchers observed threat actors beginning to exploit a high-severity vulnerability, tracked as CVE-2024-7399 (CVSS score: 8.8), in the Samsung MagicINFO content management system (CMS) just days after proof-of-concept (PoC) exploit code was publicly released.

The vulnerability is an improper limitation of a pathname to a restricted directory in Samsung MagicINFO 9 Server versions before 21.1050; an attacker can exploit the flaw to write arbitrary files as system authority.

>>Full Article<<