CVE-2024-49554

Name of the Vulnerable Software and Affected Versions: Media Encoder versions 25.0, 24.6.3 and earlier

Description: The issue is related to a NULL Pointer Dereference error. Exploitation of this issue could allow an attacker to cause a denial-of-service by crashing the application, which requires user interaction in the form of opening a malicious file. An attacker could exploit this to block the application, leading to a denial of service condition.

Recommendations: For Media Encoder versions 25.0, 24.6.3 and earlier, avoid opening malicious files to minimize the risk of exploitation. As a temporary workaround, consider restricting access to potentially malicious files until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.