cbcvebase.
CVE-2024-10095
published 2024-12-16

CVE-2024-10095: In Progress Telerik UI for WPF versions prior to 2024 Q4 (2024.4.1213), a code execution attack is possible through an insecure deserialization vulnerability.

PriorityP258critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.74%
50.1th percentile
In Progress Telerik UI for WPF versions prior to 2024 Q4 (2024.4.1213), a code execution attack is possible through an insecure deserialization vulnerability.

Affected

2 ranges
VendorProductVersion rangeFixed in
progress_softwaretelerik_ui_for_wpf< 2024.4.12132024.4.1213
telerikui_for_wpf< 24.4.121324.4.1213
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.

CVE-2024-10095 — Deserialization of Untrusted Data | cvebase