{"id":47328,"date":"2025-06-01T14:45:41","date_gmt":"2025-06-01T14:45:41","guid":{"rendered":""},"modified":"2025-10-21T04:49:51","modified_gmt":"2025-10-21T10:49:51","slug":"cve-2024-13952-predictable-filename-vulnerabilities-in-aspect-software","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2024-13952-predictable-filename-vulnerabilities-in-aspect-software\/","title":{"rendered":"CVE-2024-13952: Predictable Filename Vulnerabilities in ASPECT Software<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

A significant vulnerability, CVE-2024-13952, has been identified in a range of enterprise software platforms that, if exploited, could allow unauthorized access to sensitive information. The vulnerability arises from predictable filename patterns in ASPECT software which could potentially expose sensitive data to attackers, especially if administrator credentials are compromised.
\nThis vulnerability holds significant implications for organizations<\/a> using ASPECT-Enterprise, the NEXUS Series, and the MATRIX Series, all up to and including version 3.*. A successful exploit could lead to a complete system compromise or data<\/a> leakage. Given the high CVSS severity score of 8.4, it is crucial for organizations to understand the nature of this vulnerability and take immediate steps to mitigate its potential<\/a> impact.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2024-13952
\nSeverity: High (8.4 CVSS Score)
\nAttack Vector: Network
\nPrivileges Required: Low (Assuming compromised admin credentials<\/a>)
\nUser Interaction: None
\nImpact: Potential system<\/a> compromise or data leakage<\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n A new way to communicate\r\n <\/h2>\r\n\r\n

\r\n Ameeba Chat is built on encrypted identity, not personal profiles.\r\n <\/p>\r\n\r\n

\r\n Message, call, share files, and coordinate with identities kept separate.\r\n <\/p>\r\n\r\n