CVE-2024-12970 LOW

CVE-2024-12970: OS Command Injection in TUBITAK BILGEM's Pardus OS My Computer

Vendor Tubitak Bilgem
Product Pardus OS My Computer
Weakness CWE-78
Published January 6, 2025
Last update June 1, 2026
View on NVD All CVEs

CVSS base score

3.9/10
Attack vector Physical
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in TUBITAK BILGEM Pardus OS My Computer allows OS Command Injection. This issue affects Pardus OS My Computer: before 0.7.2.

Key dates

02Disclosure timeline

January 6, 2025 CVE published
June 1, 2026 Record updated