CVE Radar Logo
CVERadar
CVE Radar Logo
CVERadar

CVE-2024-7344

Critical Severity
SVRS
75/100
CVSSv3
8.2/10
EPSS
0.00039/1

CVE-2024-7344 allows attackers to execute unsigned software on vulnerable Howyar UEFI "Reloader" applications. This vulnerability affects both 32-bit and 64-bit versions, enabling malicious code execution via a hardcoded path. With a SOCRadar Vulnerability Risk Score (SVRS) of 75, this CVE requires prompt attention. While not categorized as "critical" (above 80), it is still a high-risk issue because, according to reports, it is actively being exploited in the wild. Successful exploitation allows attackers to bypass security measures. The core of the issue is CWE-347, improper verification of software signatures. This can lead to complete system compromise and is a significant threat to system integrity. This is a very serious issue.

TAGS
In The Wild
VECTOR STRING
CVSS:3.1
AV:L
AC:L
PR:H
UI:N
S:C
C:H
I:H
A:H
PUBLICATION DATE2025-01-14
LAST MODIFIED2025-01-22
Eye Icon
SOCRadar
AI Insight

Description

CVE-2024-7344 affects Howyar UEFI Application "Reloader" (both 32-bit and 64-bit versions). This vulnerability allows the execution of unsigned software located in a hardcoded path, bypassing security measures intended to prevent the execution of unauthorized code. The SVRS score of 82 indicates a critical vulnerability, signifying an immediate need for action to mitigate the risk.

Key Insights

  • Unintended Code Execution: The vulnerability enables attackers to execute arbitrary code without requiring any digital signatures. This could lead to malicious actions like installing malware, stealing sensitive data, or taking control of the affected system.
  • Hardcoded Path: The vulnerability exploits a hardcoded path, making it easier for attackers to exploit. This could be particularly concerning for systems that rely on default configurations.
  • Wide Impact: The vulnerability affects both 32-bit and 64-bit versions of Howyar UEFI Application "Reloader", potentially impacting a large number of systems.
  • Active Exploitation: The vulnerability is being exploited "In The Wild," indicating active attacks are ongoing.

Mitigation Strategies

  • Patching: Update the Howyar UEFI Application "Reloader" to the latest version with a patch addressing the CVE-2024-7344 vulnerability.
  • Access Control: Restrict access to the hardcoded path exploited in the vulnerability, preventing unauthorized modifications or code execution.
  • System Monitoring: Implement robust system monitoring tools to detect any suspicious activity related to this vulnerability or unusual behavior.
  • Security Awareness Training: Educate users about the risks associated with this vulnerability and the importance of downloading software only from trusted sources.

Additional Information

If you have additional queries regarding this incident, you can use the "Ask to Analyst" feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence
Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.
CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs

News

SANS ISC Stormcast, Jan 20, 2025: Honeypots for Offense; SimpleHelp and UEFI Secure Boot Vulnerabilities
Dr. Johannes B. Ullrich2025-01-20
SANS ISC Stormcast, Jan 20, 2025: Honeypots for Offense; SimpleHelp and UEFI Secure Boot Vulnerabilities | Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. SANS ISC Stormcast, Jan 20, 2025: Honeypots for Offense; SimpleHelp and UEFI Secure Boot VulnerabilitiesIn this episode, we cover how to use honeypot data to keep your offensive infrastructure alive longer, three critical vulnerabilities in SimpleHelp that must be patched now, and an interesting vulnerability affecting many systems allowing UEFI Secure Boot bypass. Leveraging Honeypot Data for Offensive Security Operations [Guest Diary] A recent guest
sans.edu
rss
forum
news
VU#529659: Howyar Reloader UEFI bootloader vulnerable to unsigned software execution
2025-03-01
VU#529659: Howyar Reloader UEFI bootloader vulnerable to unsigned software execution | Overview The Howyar UEFI Application "Reloader" (32-bit and 64-bit), distributed as part of SysReturn prior to version 10.2.02320240919, is vulnerable to the execution of arbitrary software from a hard-coded path. An attacker who successfully exploits this vulnerability can bypass the UEFI Secure Boot feature and execute unsigned code during the boot process in the UEFI context. Description The <a href
cert.org
rss
forum
news
The January 2025 Security Update Review
Dustin Childs2025-03-01
The January 2025 Security Update Review | Welcome to the first Patch Tuesday of the new year. Even while preparing for Pwn2Own Automotive, the second Tuesday still brings with it a bevy of security updates from Adobe and Microsoft. Take a break from avoiding your New Year’s resolutions and join us as we review the details of their latest security alerts. If you’d rather watch the full video recap covering the entire release, you can check it out here: <p class
zerodayinitiative.com
rss
forum
news
Under the cloak of UEFI Secure Boot: Introducing CVE-2024-7344
2025-03-01
Under the cloak of UEFI Secure Boot: Introducing CVE-2024-7344 | The story of a signed UEFI application allowing a UEFI Secure Boot bypass
cve-2024-7344
cloak
cve
application
Data Breaches Digest - Week 3 2025
Dunkie ([email protected])2025-03-01
Data Breaches Digest - Week 3 2025 | Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 13th January and 19th January 2025. 19th January <br
dbdigest.com
rss
forum
news
Eset Yeni Bir Güvenlik Açığı Tespit Etti
Türk-İnternet Haber Merkezi2025-01-22
Eset Yeni Bir Güvenlik Açığı Tespit Etti | Eset araştırmacıları, UEFI tabanlı sistemlerin çoğunda aktörlerin UEFI Secure Boot'u atlamasına olanak tanıyan CVE-2024-7344 adlı yeni bir güvenlik açığı keşfetti. Eset Yeni Bir Güvenlik Açığı Tespit Etti - Türk İnternet.Siber güvenlik şirketi Eset, UEFI tabanlı sistemlerin çoğunu etkileyen ve aktörlerin UEFI Secure Boot&#8217;u atlamasına olanak tanıyan bir güvenlik açığı keşfetti. CVE-2024-7344 olarak
turk-internet.com
rss
forum
news
Privacy Roundup: Week 3 of Year 2025
Avoid The Hack!2025-01-20
Privacy Roundup: Week 3 of Year 2025 | This is a news item roundup of privacy or privacy-related news items for 12 JAN 2025 - 18 JAN 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional "security" content mixed-in here due to the close relationship between online privacy and cybersecurity - many things
securityboulevard.com
rss
forum
news

Social Media

New UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious BootkitsUEFI vulnerability CVE-2024-7344 allows unsigned code execution in Secure Boot systems. Microsoft revokes binaries; vendors issue patches.🔒 A new flaw (CVE-2024-7344) in https://t.co/aQVmy9t0t7 https://t.co/PbDt0zz2wR
0
0
0
🛡️🚀 Vulnerabilidad en UEFI Secure Boot (CVE-2024-7344) permite cargar bootkits maliciosos. Actualiza tus sistemas y refuerza la seguridad para mitigar riesgos. 🔄🔍 #Ciberseguridad #UEFI #ProtecciónDeDatos https://t.co/RfKtSUKM9T
0
0
0
[We Live Security - ESET] Under the cloak of UEFI Secure Boot: Introducing CVE-2024-7344. The story of a signed UEFI application allowing a UEFI Secure Boot bypass https://t.co/3GkUXosK4m
0
0
0
Bajo el Manto de UEFI Secure Boot: Presentación de CVE-2024-7344 https://t.co/JGSj1lFoTy #securidad #ciberseguridad
0
0
0
Just read about CVE-2024-7344. It's wild that attackers can bypass UEFI Secure Boot on most systems. Even with quick fixes, it makes you worry about more hidden vulnerabilities out there...https://t.co/tuAmCHuPIT
0
0
0
🚩 #ciberseguridad #hacking Vulnerabilidad CVE-2024-7344 permite eludir UEFI Secure Boot 🔒 https://t.co/GJp7owAgw6 https://t.co/DqIRtkZ6o9
0
0
0
New UEFI malware exploits a Secure Boot flaw (CVE-2024-7344), allowing attackers to install persistent bootkits. Microsoft has patched it after months, but risks remain. Stay protected by updating your systems now. https://t.co/eAL4DKjHfF
0
0
0
@AmyLynnOrg The origins of ransomware are .amazing. With vulnerabilities like CVE-2024-7344, what do you think the security game plan for cloud-native apps and Kubernetes environments?
0
0
0
UEFI Vulnerability Bypasses Secure Boot Researchers have disclosed a now-patched security vulnerability that could allow threat actors to bypass the Secure Boot mechanism of UEFI systems. Tracked as CVE-2024-7344 and assigned a CVSS score of 6.7, this vulnerability could enable
0
0
0
csirt_it: #UEFI: ricercatori di sicurezza di ESET hanno recentemente rilevato la vulnerabilità CVE-2024-7344 relativa al bootloader #Howyar #Reloader Rischio: 🔴 Tipologia: 🔸 Security Feature Bypass 🔸 Arbitrary Code Execution 🔗 … https://t.co/KcovQn0CRK
0
0
0

Affected Software

No affected software found for this CVE

References

ReferenceLink
AF854A3A-2127-422B-91AE-364DA2661108https://www.kb.cert.org/vuls/id/529659
[email protected]https://uefi.org/revocationlistfile
[email protected]https://uefi.org/specs/UEFI/2.10/03_Boot_Manager.html
[email protected]https://uefi.org/specs/UEFI/2.10/32_Secure_Boot_and_Driver_Signing.html
[email protected]https://www.eset.com/blog/enterprise/preparing-for-uefi-bootkits-eset-discovery-shows-the-importance-of-cyber-intelligence/
134C704F-9B21-4F2E-91B3-4A467353BCC0https://www.kb.cert.org/vuls/id/529659
134C704F-9B21-4F2E-91B3-4A467353BCC0https://www.welivesecurity.com/en/eset-research/under-cloak-uefi-secure-boot-introducing-cve-2024-7344/
AF854A3A-2127-422B-91AE-364DA2661108https://www.kb.cert.org/vuls/id/529659
[email protected]https://uefi.org/revocationlistfile
[email protected]https://uefi.org/specs/UEFI/2.10/03_Boot_Manager.html
[email protected]https://uefi.org/specs/UEFI/2.10/32_Secure_Boot_and_Driver_Signing.html
[email protected]https://www.eset.com/blog/enterprise/preparing-for-uefi-bootkits-eset-discovery-shows-the-importance-of-cyber-intelligence/

CWE Details

CWE IDCWE NameDescription
CWE-347Improper Verification of Cryptographic SignatureThe software does not verify, or incorrectly verifies, the cryptographic signature for data.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence