all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Critical 'BatBadBut' Rust Vulnerability Exposes Windows Systems to Attacks

Add to bookmarks
April 10, 2024, 3:05 a.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

A critical security flaw in the Rust standard library could be exploited to target Windows users and stage command injection attacks.
The vulnerability, tracked as CVE-2024-24576, has a CVSS score of 10.0, indicating maximum severity. That said, it only impacts scenarios where batch files are invoked on Windows with untrusted arguments.
"The Rust standard library did not properly escape

attacks batch command command injection critical cve cve-2024 cvss cvss score exploited files flaw injection injection attacks library rust score security security flaw severity stage standard systems target untrusted vulnerability windows

Visit resource

More from thehackernews.com / The Hacker News

Ex-NSA Employee Sentenced to 22 Years for Trying to Sell U.S. Secrets to Russia an hour ago | thehackernews.com
agency classified defense documents +17
Millions of Malicious 'Imageless' Containers Planted on Docker Hub Over 5 Years 18 hours ago | thehackernews.com
attacks campaigns containers cybersecurity +10
U.S. Government Releases New AI Security Guidelines for Critical Infrastructure 21 hours ago | thehackernews.com
address ai risks ai security artificial +16
Considerations for Operational Technology Cybersecurity 21 hours ago | thehackernews.com
change control cybersecurity devices +18
New U.K. Law Bans Default Passwords on Smart Devices Starting April 2024 1 day, 2 hours ago | thehackernews.com
act and telecommunications april bans +23
Google Prevented 2.28 Million Malicious Apps from Reaching Play Store in 2023 1 day, 15 hours ago | thehackernews.com
access accounts address android +20
China-Linked 'Muddling Meerkat' Hijacks DNS to Map Internet on Global Scale 1 day, 18 hours ago | thehackernews.com
actor china cloud cloud security +22
Navigating the Threat Landscape: Understanding Exposure Management, Pentesting, Red Teaming and RBVM 1 day, 21 hours ago | thehackernews.com
adoption attackers challenge cyber +21
New R Programming Vulnerability Exposes Projects to Supply Chain Attacks 1 day, 21 hours ago | thehackernews.com
actor attacks code code execution +22

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Network Security Engineer – Zscaler SME

@ Peraton | United States
View on infosec-jobs.com

Splunk Data Analytic Subject Matter Expert

@ Peraton | Woodlawn, MD, United States
View on infosec-jobs.com

Principal Consultant, Offensive Security, Proactive Services (Unit 42)- Remote

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com

Senior Engineer Software Product Security

@ Ford Motor Company | Mexico City, MEX, Mexico
View on infosec-jobs.com

Information System Security Engineer (Red Team)

@ Evolution | Riga, Latvia
View on infosec-jobs.com
View more jobs