Security News > 2024 > April > Critical 'BatBadBut' Rust Vulnerability Exposes Windows Systems to Attacks
2024-04-10 03:05
A critical security flaw in the Rust standard library could be exploited to target Windows users and stage command injection attacks. The vulnerability, tracked as CVE-2024-24576, has a CVSS score of 10.0, indicating maximum severity. That said, it only impacts scenarios where batch files are invoked on Windows with untrusted arguments. "The Rust standard library did not properly escape
News URL
https://thehackernews.com/2024/04/critical-batbadbut-rust-vulnerability.html
Related news
- Critical PHP RCE vulnerability mass exploited in new attacks (source)
- EncryptHub linked to MMC zero-day attacks on Windows systems (source)
- PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks (source)
- Critical PostgreSQL bug tied to zero-day attack on US Treasury (source)
- CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Elastic Releases Urgent Fix for Critical Kibana Vulnerability Enabling Remote Code Execution (source)
- Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches (source)
- CISA tags critical Ivanti EPM flaws as actively exploited in attacks (source)
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-09 | CVE-2024-24576 | Rust is a programming language. | 0.0 |