Medium severity6.4NVD Advisory· Published Jul 30, 2024· Updated Apr 15, 2026

CVE-2024-40895

Description

FFRI AMC versions 3.4.0 to 3.5.3 and some OEM products that implement/bundle FFRI AMC versions 3.4.0 to 3.5.3 allow a remote unauthenticated attacker to execute arbitrary OS commands when certain conditions are met in an environment where the notification program setting is enabled and the executable file path is set to a batch file (.bat) or command file (.cmd) extension.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

jvn.jp/en/jp/JVN26734798/nvd
www.ffri.jp/assets/files/other_docs/20240729.pdfnvd
www.skyseaclientview.net/news/240729_01/nvd
www.support.nec.co.jp/View.aspxnvd

News mentions

No linked articles in our index yet.

cvss	0.416
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000