How severe is CVE-2024-3892?

CVE-2024-3892 has a CVSS v3 score of 7.2 (HIGH).

CVE-2024-3892

Name: telerik_ui_for_winforms
Author: progress

7.2HIGH

A local code execution vulnerability is possible in Telerik UI for WinForms beginning in v2021.1.122 but prior to v2024.2.514. This vulnerability could allow an untrusted theme assembly to execute arb

Published: 5/15/2024Updated: 7/3/2025

Description

A local code execution vulnerability is possible in Telerik UI for WinForms beginning in v2021.1.122 but prior to v2024.2.514. This vulnerability could allow an untrusted theme assembly to execute arbitrary code on the local Windows system.

AI AnalysisPowered by AI

Affected Products

progresstelerik_ui_for_winforms

References

https://docs.telerik.com/devtools/winforms/knowledge-base/local-code-execution-vulnerability-cve-2024-3892
Vendor Advisory
https://docs.telerik.com/devtools/winforms/knowledge-base/local-code-execution-vulnerability-cve-2024-3892
Vendor Advisory