Reloader Vulnerability: Execution of Unsigned Software
CVE-2024-7344

6.5MEDIUM

Key Information:

Vendor
Radix
Status
Smartrecovery
Greenguard
Sysreturn (32-bit And 64-bit)
Sanfong Ez-back System
Vendor
CVE Published:
14 January 2025

Badges

๐Ÿ”ฅ Trending now๐Ÿ“ˆ Trended๐Ÿ“ˆ Score: 2,880๐Ÿ‘พ Exploit Exists๐Ÿ“ฐ News Worthy

What is CVE-2024-7344?

CVE-2024-7344 is a vulnerability found within the Reloader application developed by Howyar, which functions as a UEFI (Unified Extensible Firmware Interface) application for managing firmware settings and boot processes. This vulnerability specifically allows for the execution of unsigned software from a hardcoded path, which can lead to significant security risks. If exploited, this could enable adversaries to execute malicious software without proper authorization, potentially compromising the integrity and confidentiality of the affected systems.

Technical Details

The vulnerability resides in both the 32-bit and 64-bit versions of Howyarโ€™s Reloader application. The primary flaw is associated with its insufficient enforcement of digital signature verification, permitting unsigned code to run in an inherently insecure manner. As a result, any malicious entity could exploit this gap to introduce harmful executables during the boot process or system operation, undermining system security and stability.

Potential Impact of CVE-2024-7344

  1. Execution of Malicious Code: The ability for unsigned software to execute can lead to severe compromises, allowing attackers to install backdoors, rootkits, or other forms of malware that can disrupt normal operations.

  2. Data Breach Risks: With unauthorized access to systems, sensitive data can be exfiltrated or tampered with, leading to potential data breaches and exposing organizations to legal and regulatory repercussions.

  3. System Integrity Compromise: The integrity of the entire system can be at risk, as attackers could manipulate firmware settings and boot processes, potentially leading to persistent threats that are difficult to detect and mitigate.

Affected Version(s)

CES NeoImpact * < 10.1.024-20241127

GreenGuard * < 10.2.023-20240927

HDD King * < 10.3.021-20241127

News Articles

favicon imageWeLiveSecurity

Under the cloak of UEFI Secure Boot: Introducing CVE-2024-7344

ESET researchers have discovered a vulnerability that affects the majority of UEFI-based systems and allows bypassing UEFI Secure Boot.

1 day ago

favicon imageBleepingComputer

New UEFI Secure Boot flaw exposes systems to bootkits, patch now

A new UEFI Secure Boot bypass vulnerability tracked as CVE-2024-7344ย that affects a Microsoft-signed application could be exploited to deploy bootkits even if Secure Boot protection is active.

1 day ago

favicon imageIrish Tech News

ESET Research discovers UEFI Secure Boot bypass vulnerability

Exploitation of this vulnerability can lead to the execution of untrusted code during system boot, enabling potential attackers to easily deploy malicious

2 days ago

References

https://uefi.org/revocationlistfile
https://uefi.org/specs/UEFI/2.10/32_Secure_Boot_and_Drive...
https://uefi.org/specs/UEFI/2.10/03_Boot_Manager.html

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • ๐Ÿ“ˆ

    Vulnerability started trending

  • ๐Ÿ‘พ

    Exploit known to exist

  • ๐Ÿ“ฐ

    First article discovered by TechTarget

  • Vulnerability published

Credit

Thanks to Martin Smolar of ESET
.