Vulnerabilites related to wasay - erecoveryrx
Vulnerability from fkie_nvd
Published
2025-01-14 14:15
Modified
2025-01-22 15:41
Severity ?
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
Howyar UEFI Application "Reloader" (32-bit and 64-bit) is vulnerable to execution of unsigned software in a hardcoded path.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cret@cert.org | https://uefi.org/revocationlistfile | Patch | |
| cret@cert.org | https://uefi.org/specs/UEFI/2.10/03_Boot_Manager.html | Related | |
| cret@cert.org | https://uefi.org/specs/UEFI/2.10/32_Secure_Boot_and_Driver_Signing.html | Related | |
| cret@cert.org | https://www.eset.com/blog/enterprise/preparing-for-uefi-bootkits-eset-discovery-shows-the-importance-of-cyber-intelligence/ | Related | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/529659 | Third Party Advisory, US Government Resource | |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://www.kb.cert.org/vuls/id/529659 | Third Party Advisory, US Government Resource | |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://www.welivesecurity.com/en/eset-research/under-cloak-uefi-secure-boot-introducing-cve-2024-7344/ | Exploit, Mitigation, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cs-grp | neo_impact | * | |
| greenware | greenguard | * | |
| howyar | sysreturn | * | |
| radix | smart_recovery | * | |
| sanfong | ez-back_system | * | |
| signalcomputer | hdd_king | * | |
| wasay | erecoveryrx | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cs-grp:neo_impact:*:*:*:*:*:*:*:*",
"matchCriteriaId": "661C4664-9989-497C-9758-595D667A5E61",
"versionEndExcluding": "10.1.024-20241127",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:greenware:greenguard:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C26295FA-07B6-42D8-B5E9-7B54FA3D4559",
"versionEndExcluding": "10.2.023-20240927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:howyar:sysreturn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "070699E9-BA08-4DFA-B2D7-61289CFDF865",
"versionEndExcluding": "10.2.023_20240919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:radix:smart_recovery:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1D9F1B3-11C7-47FC-972C-017869712582",
"versionEndExcluding": "11.2.023-20240927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sanfong:ez-back_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A794B06A-1AAC-49D4-8AD5-813A84B6DA60",
"versionEndExcluding": "10.3.024-20241127",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:signalcomputer:hdd_king:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD9C4071-6E0B-472B-89BB-88D324D47534",
"versionEndExcluding": "10.3.021-20241127",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:wasay:erecoveryrx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DDA5BBD9-2DCD-4F4B-94A2-28E62180ADA3",
"versionEndExcluding": "8.4.022-20241127",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Howyar UEFI Application \"Reloader\" (32-bit and 64-bit) is vulnerable to execution of unsigned software in a hardcoded path."
},
{
"lang": "es",
"value": "La aplicaci\u00f3n Howyar UEFI Application \"Reloader\" (32 bits y 64 bits) es vulnerable a la ejecuci\u00f3n de software no firmado en una ruta codificada."
}
],
"id": "CVE-2024-7344",
"lastModified": "2025-01-22T15:41:04.577",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-01-14T14:15:34.930",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Patch"
],
"url": "https://uefi.org/revocationlistfile"
},
{
"source": "cret@cert.org",
"tags": [
"Related"
],
"url": "https://uefi.org/specs/UEFI/2.10/03_Boot_Manager.html"
},
{
"source": "cret@cert.org",
"tags": [
"Related"
],
"url": "https://uefi.org/specs/UEFI/2.10/32_Secure_Boot_and_Driver_Signing.html"
},
{
"source": "cret@cert.org",
"tags": [
"Related"
],
"url": "https://www.eset.com/blog/enterprise/preparing-for-uefi-bootkits-eset-discovery-shows-the-importance-of-cyber-intelligence/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/529659"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/529659"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.welivesecurity.com/en/eset-research/under-cloak-uefi-secure-boot-introducing-cve-2024-7344/"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2024-7344
Vulnerability from cvelistv5
Published
2025-01-14 13:29
Modified
2025-02-12 14:50
Severity ?
EPSS score ?
Summary
Howyar UEFI Application "Reloader" (32-bit and 64-bit) is vulnerable to execution of unsigned software in a hardcoded path.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Radix | SmartRecovery |
Version: * < 11.2.023-20240927 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-01-14T15:02:40.649Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.kb.cert.org/vuls/id/529659"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-7344",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-12T14:50:27.758075Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T14:50:39.596Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"url": "https://www.kb.cert.org/vuls/id/529659"
},
{
"url": "https://www.welivesecurity.com/en/eset-research/under-cloak-uefi-secure-boot-introducing-cve-2024-7344/"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SmartRecovery",
"vendor": "Radix",
"versions": [
{
"lessThan": "11.2.023-20240927",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GreenGuard",
"vendor": "Greenware Technologies",
"versions": [
{
"lessThan": "10.2.023-20240927",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SysReturn (32-bit and 64-bit)",
"vendor": "Howyar Technologies",
"versions": [
{
"lessThan": "10.2.02320240919",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SANFONG EZ-Back System",
"vendor": "SANFONG",
"versions": [
{
"lessThan": "10.3.024-20241127",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CES NeoImpact",
"vendor": "CES Taiwan",
"versions": [
{
"lessThan": "10.1.024-20241127",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HDD King",
"vendor": "SignalComputer",
"versions": [
{
"lessThan": "10.3.021-20241127",
"status": "affected",
"version": "*",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Thanks to Martin Smolar of ESET"
}
],
"descriptions": [
{
"lang": "en",
"value": "Howyar UEFI Application \"Reloader\" (32-bit and 64-bit) is vulnerable to execution of unsigned software in a hardcoded path."
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7344",
"schemaVersion": "1-0-1",
"selections": [
{
"name": "Exploitation",
"namespace": "ssvc",
"values": [
"Public PoC"
],
"version": "1.1.0"
},
{
"name": "Automatable",
"namespace": "ssvc",
"values": [
"no"
],
"version": "1.0.0"
},
{
"name": "Technical Impact",
"namespace": "ssvc",
"values": [
"total"
],
"version": "1.0.0"
}
],
"timestamp": "2025-01-14T00:00:00.000Z"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-426: Untrusted Search Path",
"lang": "en"
}
]
},
{
"descriptions": [
{
"description": "CWE-347: Lack/Improper Verification of Cryptographic Signature",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T14:50:21.961Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://uefi.org/revocationlistfile"
},
{
"url": "https://uefi.org/specs/UEFI/2.10/32_Secure_Boot_and_Driver_Signing.html"
},
{
"url": "https://uefi.org/specs/UEFI/2.10/03_Boot_Manager.html"
},
{
"url": "https://www.eset.com/blog/enterprise/preparing-for-uefi-bootkits-eset-discovery-shows-the-importance-of-cyber-intelligence/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Howyar UEFI Application \"Reloader\" (32-bit and 64-bit) is vulnerable to execution of unsigned software in a hardcoded path.",
"x_generator": {
"engine": "VINCE 3.0.11",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2024-7344"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2024-7344",
"datePublished": "2025-01-14T13:29:56.915Z",
"dateReserved": "2024-07-31T16:05:09.477Z",
"dateUpdated": "2025-02-12T14:50:39.596Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}