July 8, 2024 at 08:01AM
Security researchers have identified a critical Ghostscript vulnerability (CVE-2024-29510), allowing remote code execution through a format string injection in the uniprint device. Exploited in the wild, this flaw impacts web applications and document conversion services. The issue was addressed in Ghostscript version 10.03.1, but immediate updating is strongly recommended to mitigate the risk.
From the meeting notes, it is evident that there is a significant concern regarding a Ghostscript vulnerability identified as CVE-2024-29510 which could lead to remote code execution. Security researchers at Codean Labs have warned about the impact of this vulnerability on web applications and services offering document conversion and preview functionalities, as Ghostscript is commonly used in these scenarios. The vulnerability was discovered in the uniprint device and has been exploited in the wild.
It’s important to note that six bugs, including CVE-2024-29510, have been addressed in Ghostscript versions 10.03.0 and 10.03.1 over the past several months. These vulnerabilities present a serious security risk and have prompted the recommendation to update installations to the latest version, particularly version 10.03.1, to mitigate the vulnerability.
According to security experts such as Bob Rudis from GreyNoise and ReadMe developer Bill Mill, the impact of this vulnerability is substantial, with reports of active exploitation in the wild. Organizations and end users are advised to take immediate action by updating their installations to the latest version of Ghostscript to protect against potential attacks.
The vulnerability in Ghostscript has significant repercussions, as it is widely used in various applications across different operating systems. It is important for organizations and individuals to be proactive in updating their installations to minimize the risk of exploitation.