{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-09T15:27:16.453","vulnerabilities":[{"cve":{"id":"CVE-2024-39755","sourceIdentifier":"talos-cna@cisco.com","published":"2024-10-03T16:15:05.230","lastModified":"2025-09-04T18:55:43.367","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A privilege escalation vulnerability exists in the node update functionality of Veertu Anka Build 1.42.0. A specially crafted PKG file can lead to execute priviledged operation. An attacker can make an unauthenticated HTTP request to trigger this vulnerability."},{"lang":"es","value":"Existe una vulnerabilidad de escalada de privilegios en Veertu Anka Build 1.42.0. La vulnerabilidad ocurre durante la actualización del agente del nodo Anka. Un usuario con pocos privilegios puede activar la acción de actualización, lo que puede provocar una elevación inesperada de privilegios."}],"metrics":{"cvssMetricV31":[{"source":"talos-cna@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"talos-cna@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-282"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:veertu:anka_build_cloud:1.42.0:*:*:*:*:*:*:*","matchCriteriaId":"DA553BA9-4893-4500-B0FB-7ACF869B790A"}]}]}],"references":[{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2024-2060","source":"talos-cna@cisco.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2060","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}