Critical severity9.1NVD Advisory· Published Jan 7, 2025· Updated Apr 15, 2026

CVE-2024-35532

Description

An XML External Entity (XXE) injection vulnerability in Intersec Geosafe-ea 2022.12, 2022.13, and 2022.14 allows attackers to perform arbitrary file reading under the privileges of the running process, make SSRF requests, or cause a Denial of Service (DoS) via unspecified vectors.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/post-cyberlabs/CVE-Advisory/blob/main/CVE-2024-35532.pdfnvd
intersec.com/public-safetynvd

News mentions

No linked articles in our index yet.

cvss	0.591
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000