Reloader Vulnerability: Execution of Unsigned Software
CVE-2024-7344

8.2HIGH

Key Information:

Vendor
Radix
Status
Smartrecovery
Greenguard
Sysreturn (32-bit And 64-bit)
Sanfong Ez-back System
Vendor
CVE Published:
14 January 2025

Badges

🥇 Trended No. 1📈 Trended📈 Score: 6,240👾 Exploit Exists📰 News Worthy

What is CVE-2024-7344?

CVE-2024-7344 is a vulnerability found within the Reloader application developed by Howyar, which functions as a UEFI (Unified Extensible Firmware Interface) application for managing firmware settings and boot processes. This vulnerability specifically allows for the execution of unsigned software from a hardcoded path, which can lead to significant security risks. If exploited, this could enable adversaries to execute malicious software without proper authorization, potentially compromising the integrity and confidentiality of the affected systems.

Technical Details

The vulnerability resides in both the 32-bit and 64-bit versions of Howyar’s Reloader application. The primary flaw is associated with its insufficient enforcement of digital signature verification, permitting unsigned code to run in an inherently insecure manner. As a result, any malicious entity could exploit this gap to introduce harmful executables during the boot process or system operation, undermining system security and stability.

Potential Impact of CVE-2024-7344

  1. Execution of Malicious Code: The ability for unsigned software to execute can lead to severe compromises, allowing attackers to install backdoors, rootkits, or other forms of malware that can disrupt normal operations.

  2. Data Breach Risks: With unauthorized access to systems, sensitive data can be exfiltrated or tampered with, leading to potential data breaches and exposing organizations to legal and regulatory repercussions.

  3. System Integrity Compromise: The integrity of the entire system can be at risk, as attackers could manipulate firmware settings and boot processes, potentially leading to persistent threats that are difficult to detect and mitigate.

Affected Version(s)

CES NeoImpact * < 10.1.024-20241127

GreenGuard * < 10.2.023-20240927

HDD King * < 10.3.021-20241127

News Articles

favicon imageDataconomy

Hackers had 7 months to exploit this Windows 11 flaw: Update now

Microsoft has patched a significant security vulnerability that left Windows 11 vulnerable to malware attacks for over seven months. Users are strongly urged

favicon imageWindows Central

Microsoft blocks critical Secure Boot loophole after over 7 months — fortifying Windows 11 against sophisticated firmware attacks camouflaged as verified UEFI apps

Microsoft patched the CVE-2024-7344 security flaw, active for over 7 months, and blocked unauthorized access to Windows 11 via Secure Boot bypass.

favicon imageHelp Net Security

Week in review: AWS S3 data encrypted without ransomware, data of 15k Fortinet firewalls leaked - Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Attackers are encrypting AWS S3 data without using

References

https://uefi.org/revocationlistfile
https://uefi.org/specs/UEFI/2.10/32_Secure_Boot_and_Drive...
https://uefi.org/specs/UEFI/2.10/03_Boot_Manager.html

CVSS V3.1

Score:
8.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • 🥇

    Vulnerability reached the number 1 worldwide trending spot

  • 📈

    Vulnerability started trending

  • 👾

    Exploit known to exist

  • 📰

    First article discovered by TechTarget

  • Vulnerability published

Credit

Thanks to Martin Smolar of ESET
.