CVE-2024-45773 is a use-after-free vulnerability classified under CWE-416 affecting Facebook Thrift, a software framework used for scalable cross-language services development. The vulnerability arises specifically when handling upgradeToRocket requests, which improperly manage memory, leading to use-after-free conditions. This flaw can cause the affected application to crash or, more critically, allow an attacker to execute arbitrary code remotely. The vulnerability affects all versions of Facebook Thrift prior to v2024.09.09.00. Exploitation requires network access and low privileges but does not require user interaction, increasing the risk of automated attacks. The CVSS v3.1 score of 7.5 indicates a high-severity issue with network attack vector, high impact on confidentiality, integrity, and availability, and a requirement for low privileges but high attack complexity. No public exploits or active exploitation have been reported yet, but the potential for remote code execution makes this a significant threat. Facebook Thrift is widely used internally at Facebook and by other organizations for RPC communication, meaning that vulnerable deployments could be targeted to disrupt services or gain unauthorized access. The lack of available patches at the time of reporting necessitates immediate attention to upgrade once available and implement interim mitigations.

The vulnerability poses a high risk to organizations using Facebook Thrift, as it can lead to remote code execution, allowing attackers to compromise affected systems fully. This can result in unauthorized data access, manipulation, service disruption, or lateral movement within networks. The use-after-free condition can also cause application crashes, leading to denial of service. Given Facebook Thrift's role in enabling scalable service communication, exploitation could impact critical backend infrastructure, affecting service availability and data integrity. Organizations relying on Facebook Thrift for internal or external services may face operational disruptions and potential data breaches. The absence of known exploits currently reduces immediate risk but does not eliminate the threat, especially as attackers may develop exploits rapidly. The vulnerability's network attack vector and no user interaction required make it suitable for remote exploitation, increasing the scope and ease of attack.

Organizations should immediately plan to upgrade Facebook Thrift to version 2024.09.09.00 or later once the patch is available. Until then, restrict network access to services using Facebook Thrift, especially limiting exposure of upgradeToRocket request handling endpoints to trusted networks only. Employ network segmentation and firewall rules to minimize attack surface. Monitor logs and network traffic for unusual upgradeToRocket request patterns or crashes indicative of exploitation attempts. Conduct thorough code audits and memory management reviews in custom implementations of Thrift to identify similar use-after-free risks. Implement runtime protections such as memory safety tools (e.g., AddressSanitizer) in development and testing environments to detect use-after-free conditions early. Maintain up-to-date intrusion detection and prevention systems with signatures for this vulnerability once available. Finally, ensure incident response plans include procedures for rapid containment and remediation of memory corruption exploits.