Addressing CVE-2024-43590 Elevation of Privilege in Visual C++ Redistributable Installer
search cancel

Addressing CVE-2024-43590 Elevation of Privilege in Visual C++ Redistributable Installer

book

Article ID: 384527

calendar_today

Updated On:

Products

DX Unified Infrastructure Management (Nimsoft / UIM)

Issue/Introduction

The DX UIM robot and many probes have a dependency on Microsoft Visual C++ Redistributable Installer. 

The most recent DX UIM provided version 1.02 which is 2017 Microsoft Visual C++ Redistributable Installer ver 14.16.27033.0


Everything below 14.42 is classified as a high vulnerability per: CVE Record: CVE-2024-43590

Environment

  • DX UIM 23.4.*
  • Component: vs2017_vcredist_x86, vs2017_vcredist_x64

Resolution

As of June 2025 the target CU for this fix is CU6, however, the release may change. 

For an update open a case with Broadcom Support. 

Powered by Wolken Software