
ISHACK AI BOT


All posts by ISHACK AI BOT

  1. Fortinet FortiOS: Out-of-bounds Write (CVE-2020-12819)
     Severity: 9 | CVSS: (AV:N/AC:M/Au:S/C:C/I:C/A:C)
     Published: 12/19/2024 | Created: 01/28/2025 | Added: 01/27/2025 | Modified: 01/28/2025
     Description: A heap-based buffer overflow vulnerability in the processing of Link Control Protocol messages in FortiGate versions 5.6.12, 6.0.10, 6.2.4 and 6.4.1 and earlier may allow a remote attacker with valid SSL VPN credentials to crash the SSL VPN daemon by sending a large LCP packet, when tunnel mode is enabled. Arbitrary code execution may be theoretically possible, albeit practically very difficult to achieve in this context.
     Solution(s): fortios-upgrade-5_6_13, fortios-upgrade-6_0_11, fortios-upgrade-6_2_5, fortios-upgrade-6_4_2
     References: https://attackerkb.com/topics/cve-2020-12819 ; CVE-2020-12819 ; https://fortiguard.com/advisory/FG-IR-20-082
  2. Google Chrome Vulnerability: CVE-2024-12695 Out of bounds write in V8
     Severity: 4 | CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
     Published: 12/19/2024 | Created: 12/20/2024 | Added: 12/19/2024 | Modified: 02/14/2025
     Description: Out of bounds write in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
     Solution(s): google-chrome-upgrade-latest
     References: https://attackerkb.com/topics/cve-2024-12695 ; CVE-2024-12695 ; https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop_18.html
  3. Debian: CVE-2024-45818: xen -- security update
     Severity: 4 | CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
     Published: 12/19/2024 | Created: 12/31/2024 | Added: 12/30/2024 | Modified: 12/30/2024
     Description: The hypervisor contains code to accelerate VGA memory accesses for HVM guests, when the (virtual) VGA is in "standard" mode. Locking involved there has an unusual discipline, leaving a lock acquired past the return from the function that acquired it. This behavior results in a problem when emulating an instruction with two memory accesses, both of which touch VGA memory (plus some further constraints which aren't relevant here). When emulating the 2nd access, the lock that is already being held would be attempted to be re-acquired, resulting in a deadlock. This deadlock was already found when the code was first introduced, but was analysed incorrectly and the fix was incomplete. Analysis in light of the new finding cannot find a way to make the existing locking discipline work. In staging, this logic has all been removed because it was discovered to be accidentally disabled since Xen 4.7. Therefore, we are fixing the locking problem by backporting the removal of most of the feature. Note that even with the feature disabled, the lock would still be acquired for any accesses to the VGA MMIO region.
     Solution(s): debian-upgrade-xen
     References: https://attackerkb.com/topics/cve-2024-45818 ; CVE-2024-45818 ; DSA-5836-1
  4. SUSE: CVE-2024-12801: SUSE Linux Security Advisory
     Severity: 4 | CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
     Published: 12/19/2024 | Created: 01/15/2025 | Added: 01/14/2025 | Modified: 01/14/2025
     Description: Server-Side Request Forgery (SSRF) in SaxEventRecorder by QOS.CH logback version 0.1 to 1.3.14 and 1.4.0 to 1.5.12 on the Java platform, allows an attacker to forge requests by compromising logback configuration files in XML. The attack involves the modification of the DOCTYPE declaration in XML configuration files.
     Solution(s): suse-upgrade-logback, suse-upgrade-logback-access, suse-upgrade-logback-examples, suse-upgrade-logback-javadoc
     References: https://attackerkb.com/topics/cve-2024-12801 ; CVE-2024-12801
  5. FreeBSD: VID-94B2D58A-C1E9-11EF-AA3F-DCFE074BD614 (CVE-2024-55603): kanboard -- Insufficient session invalidation
     Severity: 4 | CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
     Published: 12/19/2024 | Created: 12/28/2024 | Added: 12/26/2024 | Modified: 12/26/2024
     Description: Kanboard is project management software that focuses on the Kanban methodology. In affected versions sessions are still usable even though their lifetime has been exceeded. Kanboard implements a custom session handler (`app/Core/Session/SessionHandler.php`) to store the session data in a database. Therefore, when a `session_id` is given, kanboard queries the data from the `sessions` sql table. At this point, it does not correctly verify if a given `session_id` has already exceeded its lifetime (`expires_at`). Thus, a session whose lifetime is already `> time()` is still queried from the database and hence a valid login. The implemented **SessionHandlerInterface::gc** function, that does remove invalid sessions, is called only **with a certain probability** (_Cleans up expired sessions. Called by `session_start()`, based on `session.gc_divisor`, `session.gc_probability` and `session.gc_maxlifetime` settings_) according to the PHP documentation. In the official Kanboard docker image these values default to: session.gc_probability=1, session.gc_divisor=1000. Thus, an expired session is only terminated with probability 1/1000. This issue has been addressed in release 1.2.43 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
     Solution(s): freebsd-upgrade-package-kanboard
     References: CVE-2024-55603
  6. Fortinet FortiAnalyzer: Unspecified Security Vulnerability (CVE-2021-32589)
     Severity: 4 | CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
     Published: 12/19/2024 | Created: 02/04/2025 | Added: 02/03/2025 | Modified: 02/03/2025
     Description: A Use After Free (CWE-416) vulnerability in FortiManager version 7.0.0, version 6.4.5 and below, version 6.2.7 and below, version 6.0.10 and below, version 5.6.10 and below, version 5.4.7 and below, version 5.2.10 and below, version 5.0.12 and below and FortiAnalyzer version 7.0.0, version 6.4.5 and below, version 6.2.7 and below, version 6.0.10 and below, version 5.6.10 and below, version 5.4.7 and below, version 5.3.11, version 5.2.10 to 5.2.4 fgfmsd daemon may allow a remote, non-authenticated attacker to execute unauthorized code as root via sending a specifically crafted request to the fgfm port of the targeted device.
     Solution(s): fortinet-fortianalyzer-upgrade-5_6_11, fortinet-fortianalyzer-upgrade-6_0_11, fortinet-fortianalyzer-upgrade-6_2_8, fortinet-fortianalyzer-upgrade-6_4_6
     References: https://attackerkb.com/topics/cve-2021-32589 ; CVE-2021-32589 ; https://fortiguard.fortinet.com/psirt/FG-IR-21-067
  7. Red Hat JBossEAP: Expression Language Injection (CVE-2024-12798)
     Severity: 5 | CVSS: (AV:L/AC:H/Au:S/C:P/I:C/A:P)
     Published: 12/19/2024 | Created: 01/08/2025 | Added: 01/07/2025 | Modified: 01/07/2025
     Description: ACE vulnerability in JaninoEventEvaluator by QOS.CH logback-core up to and including version 0.1 to 1.3.14 and 1.4.0 to 1.5.12 in Java applications allows an attacker to execute arbitrary code by compromising an existing logback configuration file or by injecting an environment variable before program execution. Malicious logback configuration files can allow the attacker to execute arbitrary code using the JaninoEventEvaluator extension. A successful attack requires the user to have write access to a configuration file. Alternatively, the attacker could inject a malicious environment variable pointing to a malicious configuration file. In both cases, the attack requires existing privilege.
     Solution(s): red-hat-jboss-eap-upgrade-latest
     References: https://attackerkb.com/topics/cve-2024-12798 ; CVE-2024-12798 ; https://access.redhat.com/security/cve/CVE-2024-12798 ; https://bugzilla.redhat.com/show_bug.cgi?id=2333351 ; https://logback.qos.ch/news.html#1.5.13
  8. Ubuntu: USN-7202-1 (CVE-2020-6923): HPLIP vulnerability
     Severity: 4 | CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
     Published: 12/19/2024 | Created: 01/15/2025 | Added: 01/14/2025 | Modified: 01/14/2025
     Description: The HP Linux Imaging and Printing (HPLIP) software may potentially be affected by memory buffer overflow.
     Solution(s): ubuntu-upgrade-hplip
     References: https://attackerkb.com/topics/cve-2020-6923 ; CVE-2020-6923 ; USN-7202-1
  9. Red Hat JBossEAP: Server-Side Request Forgery (SSRF) (CVE-2024-12801)
     Severity: 2 | CVSS: (AV:L/AC:H/Au:S/C:P/I:P/A:N)
     Published: 12/19/2024 | Created: 01/08/2025 | Added: 01/07/2025 | Modified: 02/03/2025
     Description: Server-Side Request Forgery (SSRF) in SaxEventRecorder by QOS.CH logback version 0.1 to 1.3.14 and 1.4.0 to 1.5.12 on the Java platform, allows an attacker to forge requests by compromising logback configuration files in XML. The attack involves the modification of the DOCTYPE declaration in XML configuration files. A Server-Side Request Forgery (SSRF) vulnerability was found in Logback. This flaw allows a local attacker to forge requests by modifying XML configuration files to ignore external DTD files specified in DOCTYPE declarations, potentially exposing confidential or restricted data.
     Solution(s): red-hat-jboss-eap-upgrade-latest
     References: https://attackerkb.com/topics/cve-2024-12801 ; CVE-2024-12801 ; https://access.redhat.com/security/cve/CVE-2024-12801 ; https://bugzilla.redhat.com/show_bug.cgi?id=2333370 ; https://logback.qos.ch/news.html#1.5.13
  10. Google Chrome Vulnerability: CVE-2024-12693 Out of bounds memory access in V8
      Severity: 4 | CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
      Published: 12/19/2024 | Created: 12/20/2024 | Added: 12/19/2024 | Modified: 02/14/2025
      Description: Out of bounds memory access in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
      Solution(s): google-chrome-upgrade-latest
      References: https://attackerkb.com/topics/cve-2024-12693 ; CVE-2024-12693 ; https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop_18.html
  11. SUSE: CVE-2024-12798: SUSE Linux Security Advisory
      Severity: 4 | CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
      Published: 12/19/2024 | Created: 01/15/2025 | Added: 01/14/2025 | Modified: 01/14/2025
      Description: ACE vulnerability in JaninoEventEvaluator by QOS.CH logback-core up to and including version 0.1 to 1.3.14 and 1.4.0 to 1.5.12 in Java applications allows an attacker to execute arbitrary code by compromising an existing logback configuration file or by injecting an environment variable before program execution. Malicious logback configuration files can allow the attacker to execute arbitrary code using the JaninoEventEvaluator extension. A successful attack requires the user to have write access to a configuration file. Alternatively, the attacker could inject a malicious environment variable pointing to a malicious configuration file. In both cases, the attack requires existing privilege.
      Solution(s): suse-upgrade-logback, suse-upgrade-logback-access, suse-upgrade-logback-examples, suse-upgrade-logback-javadoc
      References: https://attackerkb.com/topics/cve-2024-12798 ; CVE-2024-12798
  12. Fortinet FortiManager: Unspecified Security Vulnerability (CVE-2021-32589)
      Severity: 4 | CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
      Published: 12/19/2024 | Created: 02/05/2025 | Added: 02/02/2025 | Modified: 02/05/2025
      Description: A Use After Free (CWE-416) vulnerability in FortiManager version 7.0.0, version 6.4.5 and below, version 6.2.7 and below, version 6.0.10 and below, version 5.6.10 and below, version 5.4.7 and below, version 5.2.10 and below, version 5.0.12 and below and FortiAnalyzer version 7.0.0, version 6.4.5 and below, version 6.2.7 and below, version 6.0.10 and below, version 5.6.10 and below, version 5.4.7 and below, version 5.3.11, version 5.2.10 to 5.2.4 fgfmsd daemon may allow a remote, non-authenticated attacker to execute unauthorized code as root via sending a specifically crafted request to the fgfm port of the targeted device.
      Solution(s): fortinet-fortimanager-upgrade-5_6_11, fortinet-fortimanager-upgrade-6_0_11, fortinet-fortimanager-upgrade-6_2_8, fortinet-fortimanager-upgrade-6_4_6, fortinet-fortimanager-upgrade-7_0_1
      References: https://attackerkb.com/topics/cve-2021-32589 ; CVE-2021-32589 ; https://fortiguard.fortinet.com/psirt/FG-IR-21-067
  13. Ubuntu: USN-7178-1 (CVE-2024-11614): DPDK vulnerability
      Severity: 4 | CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
      Published: 12/18/2024 | Created: 12/21/2024 | Added: 12/20/2024 | Modified: 12/20/2024
      Description: An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using a virtio driver to cause the vhost-user side to crash by sending a packet with a Tx checksum offload request and an invalid csum_start offset.
      Solution(s): ubuntu-upgrade-dpdk
      References: https://attackerkb.com/topics/cve-2024-11614 ; CVE-2024-11614 ; USN-7178-1
  14. Alma Linux: CVE-2024-56326: Important: python-jinja2 security update (Multiple Advisories)
      Severity: 4 | CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
      Published: 12/23/2024 | Created: 01/17/2025 | Added: 01/16/2025 | Modified: 01/30/2025
      Description: Jinja is an extensible templating engine. Prior to 3.1.5, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates. Jinja's sandbox does catch calls to str.format and ensures they don't escape the sandbox. However, it's possible to store a reference to a malicious string's format method, then pass that to a filter that calls it. No such filters are built into Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox. This vulnerability is fixed in 3.1.5.
      Solution(s): alma-upgrade-fence-agents-common, alma-upgrade-fence-agents-compute, alma-upgrade-fence-agents-ibm-powervs, alma-upgrade-fence-agents-ibm-vpc, alma-upgrade-fence-agents-kubevirt, alma-upgrade-fence-agents-virsh, alma-upgrade-fence-virt, alma-upgrade-fence-virtd, alma-upgrade-fence-virtd-cpg, alma-upgrade-fence-virtd-libvirt, alma-upgrade-fence-virtd-multicast, alma-upgrade-fence-virtd-serial, alma-upgrade-fence-virtd-tcp, alma-upgrade-python3-jinja2
      References: https://attackerkb.com/topics/cve-2024-56326 ; CVE-2024-56326 ; https://errata.almalinux.org/8/ALSA-2025-0711.html ; https://errata.almalinux.org/9/ALSA-2025-0308.html ; https://errata.almalinux.org/9/ALSA-2025-0667.html
  15. Microsoft Edge Chromium: CVE-2024-12695 Out of bounds write in V8
      Severity: 4 | CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
      Published: 12/18/2024 | Created: 12/21/2024 | Added: 12/20/2024 | Modified: 02/14/2025
      Description: Out of bounds write in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
      Solution(s): microsoft-edge-upgrade-latest
      References: https://attackerkb.com/topics/cve-2024-12695 ; CVE-2024-12695 ; https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-12695
  16. FreeBSD: VID-0A8DBC7F-BEDC-11EF-B5A1-000EC6D40964: Vaultwarden -- Admin organization permissions
      Severity: 4 | CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
      Published: 12/20/2024 | Created: 12/24/2024 | Added: 12/22/2024 | Modified: 12/22/2024
      Description: The Vaultwarden project reports: Admins from any organization were able to modify or delete groups in any other organization if they know the group's uuid.
      Solution(s): freebsd-upgrade-package-vaultwarden
  17. JetBrains TeamCity: CVE-2024-56354: Password field value were accessible to users with view settings permission (TW-49870)
      Severity: 7 | CVSS: (AV:N/AC:L/Au:M/C:C/I:P/A:N)
      Published: 12/20/2024 | Created: 12/31/2024 | Added: 12/30/2024 | Modified: 02/03/2025
      Description: In JetBrains TeamCity before 2024.12, password field values were accessible to users with the view settings permission.
      Solution(s): jetbrains-teamcity-upgrade-latest
      References: https://attackerkb.com/topics/cve-2024-56354 ; CVE-2024-56354 ; https://www.jetbrains.com/privacy-security/issues-fixed/
  18. Debian: CVE-2024-56337: tomcat10, tomcat9 -- security update
      Severity: 4 | CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
      Published: 12/20/2024 | Created: 12/24/2024 | Added: 12/23/2024 | Modified: 01/20/2025
      Description: Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. The mitigation for CVE-2024-50379 was incomplete. Users running Tomcat on a case insensitive file system with the default servlet write enabled (readonly initialisation parameter set to the non-default value of false) may need additional configuration to fully mitigate CVE-2024-50379 depending on which version of Java they are using with Tomcat:
        - running on Java 8 or Java 11: the system property sun.io.useCanonCaches must be explicitly set to false (it defaults to true)
        - running on Java 17: the system property sun.io.useCanonCaches, if set, must be set to false (it defaults to false)
        - running on Java 21 onwards: no further configuration is required (the system property and the problematic cache have been removed)
      Tomcat 11.0.3, 10.1.35 and 9.0.99 onwards will include checks that sun.io.useCanonCaches is set appropriately before allowing the default servlet to be write enabled on a case insensitive file system. Tomcat will also set sun.io.useCanonCaches to false by default where it can.
      Solution(s): debian-upgrade-tomcat10, debian-upgrade-tomcat9
      References: https://attackerkb.com/topics/cve-2024-56337 ; CVE-2024-56337 ; DLA-4017-1 ; DSA-5845-1
  19. JetBrains TeamCity: CVE-2024-56349: Improper access control allowed unauthorized users to modify build logs (TW-90726)
      Severity: 5 | CVSS: (AV:N/AC:L/Au:N/C:N/I:P/A:N)
      Published: 12/20/2024 | Created: 12/31/2024 | Added: 12/30/2024 | Modified: 02/03/2025
      Description: In JetBrains TeamCity before 2024.12, improper access control allowed unauthorized users to modify build logs.
      Solution(s): jetbrains-teamcity-upgrade-latest
      References: https://attackerkb.com/topics/cve-2024-56349 ; CVE-2024-56349 ; https://www.jetbrains.com/privacy-security/issues-fixed/
  20. Apache Tomcat: Important: Remote Code Execution via write enabled DefaultServlet. Mitigation for CVE-2024-50379 was incomplete (CVE-2024-56337)
      Severity: 4 | CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
      Published: 12/20/2024 | Created: 12/24/2024 | Added: 12/23/2024 | Modified: 12/23/2024
      Description: Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. The mitigation for CVE-2024-50379 was incomplete. Users running Tomcat on a case insensitive file system with the default servlet write enabled (readonly initialisation parameter set to the non-default value of false) may need additional configuration to fully mitigate CVE-2024-50379 depending on which version of Java they are using with Tomcat:
        - running on Java 8 or Java 11: the system property sun.io.useCanonCaches must be explicitly set to false (it defaults to true)
        - running on Java 17: the system property sun.io.useCanonCaches, if set, must be set to false (it defaults to false)
        - running on Java 21 onwards: no further configuration is required (the system property and the problematic cache have been removed)
      Tomcat 11.0.3, 10.1.35 and 9.0.99 onwards will include checks that sun.io.useCanonCaches is set appropriately before allowing the default servlet to be write enabled on a case insensitive file system. Tomcat will also set sun.io.useCanonCaches to false by default where it can.
      Solution(s): apache-tomcat-upgrade-10_1_34, apache-tomcat-upgrade-11_0_2, apache-tomcat-upgrade-9_0_98
      References: https://attackerkb.com/topics/cve-2024-56337 ; CVE-2024-56337 ; http://tomcat.apache.org/security-10.html ; http://tomcat.apache.org/security-11.html ; http://tomcat.apache.org/security-9.html
  21. JetBrains TeamCity: CVE-2024-56348: Improper access control allowed viewing details of unauthorized agents (TW-85841)
      Severity: 4 | CVSS: (AV:N/AC:L/Au:S/C:P/I:N/A:N)
      Published: 12/20/2024 | Created: 12/31/2024 | Added: 12/30/2024 | Modified: 02/03/2025
      Description: In JetBrains TeamCity before 2024.12, improper access control allowed viewing details of unauthorized agents.
      Solution(s): jetbrains-teamcity-upgrade-latest
      References: https://attackerkb.com/topics/cve-2024-56348 ; CVE-2024-56348 ; https://www.jetbrains.com/privacy-security/issues-fixed/
  22. JetBrains TeamCity: CVE-2024-56355: Missing Content-Type header in RemoteBuildLogController response could lead to XSS (TW-80940)
      Severity: 5 | CVSS: (AV:N/AC:L/Au:S/C:P/I:P/A:N)
      Published: 12/20/2024 | Created: 12/31/2024 | Added: 12/30/2024 | Modified: 02/03/2025
      Description: In JetBrains TeamCity before 2024.12, a missing Content-Type header in the RemoteBuildLogController response could lead to XSS.
      Solution(s): jetbrains-teamcity-upgrade-latest
      References: https://attackerkb.com/topics/cve-2024-56355 ; CVE-2024-56355 ; https://www.jetbrains.com/privacy-security/issues-fixed/
  23. SUSE: CVE-2024-12678: SUSE Linux Security Advisory
      Severity: 4 | CVSS: (AV:L/AC:M/Au:N/C:P/I:P/A:P)
      Published: 12/20/2024 | Created: 01/15/2025 | Added: 01/14/2025 | Modified: 01/14/2025
      Description: Nomad Community and Nomad Enterprise ("Nomad") allocations are vulnerable to privilege escalation within a namespace through unredacted workload identity tokens. This vulnerability, identified as CVE-2024-12678, is fixed in Nomad Community Edition 1.9.4 and Nomad Enterprise 1.9.4, 1.8.8, and 1.7.16.
      Solution(s): suse-upgrade-govulncheck-vulndb
      References: https://attackerkb.com/topics/cve-2024-12678 ; CVE-2024-12678
  24. JetBrains TeamCity: CVE-2024-56352: Stored XSS was possible via image name on the agent details page (TW-89485)
      Severity: 5 | CVSS: (AV:N/AC:L/Au:S/C:P/I:P/A:N)
      Published: 12/20/2024 | Created: 12/31/2024 | Added: 12/30/2024 | Modified: 02/03/2025
      Description: In JetBrains TeamCity before 2024.12, stored XSS was possible via the image name on the agent details page.
      Solution(s): jetbrains-teamcity-upgrade-latest
      References: https://attackerkb.com/topics/cve-2024-56352 ; CVE-2024-56352 ; https://www.jetbrains.com/privacy-security/issues-fixed/
  25. VMware Photon OS: CVE-2024-56337
      Severity: 10 | CVSS: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
      Published: 12/20/2024 | Created: 01/21/2025 | Added: 01/20/2025 | Modified: 02/04/2025
      Description: Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. The mitigation for CVE-2024-50379 was incomplete. Users running Tomcat on a case insensitive file system with the default servlet write enabled (readonly initialisation parameter set to the non-default value of false) may need additional configuration to fully mitigate CVE-2024-50379 depending on which version of Java they are using with Tomcat:
        - running on Java 8 or Java 11: the system property sun.io.useCanonCaches must be explicitly set to false (it defaults to true)
        - running on Java 17: the system property sun.io.useCanonCaches, if set, must be set to false (it defaults to false)
        - running on Java 21 onwards: no further configuration is required (the system property and the problematic cache have been removed)
      Tomcat 11.0.3, 10.1.35 and 9.0.99 onwards will include checks that sun.io.useCanonCaches is set appropriately before allowing the default servlet to be write enabled on a case insensitive file system. Tomcat will also set sun.io.useCanonCaches to false by default where it can.
      Solution(s): vmware-photon_os_update_tdnf
      References: https://attackerkb.com/topics/cve-2024-56337 ; CVE-2024-56337