CISA KEV Alert 4/24/2026, 5:51:31 PM

CISA Adds KEV Tag to Samsung MagicINFO Path Traversal Flaw

CyberSIXT Evidence Panel
Source: marked as original reporting
Primary source: cisa.gov
CISA KEV: listed in KEV
Patch: available

CISA has added CVE‑2024‑7399 to its Known Exploited Vulnerabilities catalogue, affecting Samsung’s MagicINFO 9 Server. The vulnerability is a path traversal flaw that could allow an attacker to write arbitrary files with system authority.

The flaw is exploitable remotely without authentication, enabling an adversary to place or overwrite files on the underlying server. It carries a CVSS v3.1 score of 8.8, rated HIGH, and a patch is available from Samsung. Successful exploitation could lead to full system compromise or persistence, depending on which files are written and where.

Active exploitation has been confirmed, which is the basis for the KEV designation. No public reports link this vulnerability to ransomware campaigns at present. CISA has set a remediation deadline of 08 May 2026 for Federal Civilian Executive Branch (FCEB) agencies to address the issue.

CISA requires FCEB agencies to apply mitigations per vendor instructions, follow applicable BOD 22‑01 guidance for cloud services, or discontinue use of the product if mitigations cannot be applied. All organisations should review their exposure to Samsung MagicINFO 9 Server and consider applying the available patch or vendor‑recommended mitigations.

For full details, see the NVD entry at https://nvd.nist.gov/vuln/detail/CVE-2024-7399 and the CISA KEV catalogue.


Article by CyberSIXT
