← Back

CVE-2024-7344

nvd nist
Published: Jan 14, 2025Modified: Jan 22, 2025

JSON object

Loading...
8.2
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Exploitability: 1.5 / Impact: 6.0
Source: NVD

Description

Howyar UEFI Application "Reloader" (32-bit and 64-bit) is vulnerable to execution of unsigned software in a hardcoded path.

Affected (7)

Products: Cs Grp: Neo Impact · Greenware: Greenguard · Howyar: Sysreturn · +4 more
Show all products
Cs Grp: Neo Impact · Greenware: Greenguard · Howyar: Sysreturn · Radix: Smart Recovery · Sanfong: Ez Back System · Signalcomputer: Hdd King · Wasay: Erecoveryrx
Cs Grp
1 product
Neo Impact
Greenware
1 product
Greenguard
Howyar
1 product
Sysreturn
Radix
1 product
Smart Recovery
Sanfong
1 product
Ez Back System
Signalcomputer
1 product
Hdd King
Wasay
1 product
Erecoveryrx
Configuration A
7 vulnerable
Vulnerable SoftwareAffected Versions
Neo Impact
Before 10.1.024-20241127
Greenguard
Before 10.2.023-20240927
Sysreturn
Before 10.2.023_20240919
Smart Recovery
Before 11.2.023-20240927
Ez Back System
Before 10.3.024-20241127
Hdd King
Before 10.3.021-20241127
Erecoveryrx
Before 8.4.022-20241127

Related CWEs

CWE-347
Improper Verification of Cryptographic Signature
The product does not verify, or incorrectly verifies, the cryptographic signature for data.

References (7)

Source: cret@cert.org
Patch
Source: cret@cert.org
Related
Source: cret@cert.org
Related
Source: cret@cert.org
Related
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Third Party AdvisoryUS Government Resource
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
ExploitMitigationThird Party Advisory

Timeline

No history available yet.