Addressing CVE-2024-43590 Elevation of Privilege in Visual C++ Redistributable Installer
Article ID: 384527
Updated On:
Products
DX Unified Infrastructure Management (Nimsoft / UIM)
Issue/Introduction
The DX UIM robot and many probes have a dependency on Microsoft Visual C++ Redistributable Installer.
The most recent DX UIM provided version 1.02 which is 2017 Microsoft Visual C++ Redistributable Installer ver 14.16.27033.0
Everything below 14.42 is classified as a high vulnerability per: CVE Record: CVE-2024-43590
Environment
- DX UIM 23.4.*
- Component: vs2017_vcredist_x86, vs2017_vcredist_x64
Resolution
The target fix tentative for this is in DX UIM 23.4.8 (CU8).
For an update open a case with Broadcom Support.
Feedback
Yes
No
Powered by
