CVE-2024-7344
Howyar UEFI Application "Reloader" (32-bit and 64-bit) is vulnerable to execution of unsigned software in a hardcoded path.
Description
Howyar UEFI Application "Reloader" (32-bit and 64-bit) is vulnerable to execution of unsigned software in a hardcoded path.
INFO
Published Date :
Jan. 14, 2025, 2:15 p.m.
Last Modified :
Jan. 22, 2025, 3:41 p.m.
Remotely Exploit :
No
Source :
[email protected]
Affected Products
The following products are affected by CVE-2024-7344
vulnerability.
Even if cvefeed.io is aware of the exact versions of the
products
that
are
affected, the information is not represented in the table below.
CVSS Scores
| Score | Version | Severity | Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|---|
| CVSS 3.1 | HIGH | [email protected] | ||||
| CVSS 3.1 | HIGH | 134c704f-9b21-4f2e-91b3-4a467353bcc0 |
Solution
- Obtain and install the latest version of the UEFI application.
- Verify that all executed software is properly signed.
- Remove any unsigned software from the hardcoded path.
Public PoC/Exploit Available at Github
CVE-2024-7344 has a 4 public
PoC/Exploit available at Github.
Go to the Public Exploits tab to see the list.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2024-7344.
| URL | Resource |
|---|---|
| https://uefi.org/revocationlistfile | Patch |
| https://uefi.org/specs/UEFI/2.10/03_Boot_Manager.html | Related |
| https://uefi.org/specs/UEFI/2.10/32_Secure_Boot_and_Driver_Signing.html | Related |
| https://www.eset.com/blog/enterprise/preparing-for-uefi-bootkits-eset-discovery-shows-the-importance-of-cyber-intelligence/ | Related |
| https://www.kb.cert.org/vuls/id/529659 | Third Party Advisory US Government Resource |
| https://www.kb.cert.org/vuls/id/529659 | Third Party Advisory US Government Resource |
| https://www.welivesecurity.com/en/eset-research/under-cloak-uefi-secure-boot-introducing-cve-2024-7344/ | Exploit Mitigation Third Party Advisory |
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2024-7344 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2024-7344
weaknesses.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
None
Linker Script Assembly
None
None
Journey through the cryptic corridors of code. Unravel the secrets encoded in the shadows. Welcome to the realm where algorithms whisper in binary tongues. Dare to explore, for within lies the essence of innovation.
computer-architecture computer-engineering computer-science data-engineering research-and-development research-software-engineering software-engineering
Python Nix
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2024-7344 vulnerability anywhere in the article.
-
The Hacker News
SonicWall Urges Password Resets After Cloud Backup Breach Affecting Under 5% of Customers
Sep 18, 2025Ravie LakshmananData Breach / Network Security SonicWall is urging customers to reset credentials after their firewall configuration backup files were exposed in a security breach impact ... Read more
-
The Hacker News
TA558 Uses AI-Generated Scripts to Deploy Venom RAT in Brazil Hotel Attacks
The threat actor known as TA558 has been attributed to a fresh set of attacks delivering various remote access trojans (RATs) like Venom RAT to breach hotels in Brazil and Spanish-speaking markets. Ru ... Read more
-
The Hacker News
Chaos Mesh Critical GraphQL Flaws Enable RCE and Full Kubernetes Cluster Takeover
Sep 16, 2025Ravie LakshmananVulnerability / Cloud Security Cybersecurity researchers have disclosed multiple critical security vulnerabilities in Chaos Mesh that, if successfully exploited, could le ... Read more
-
The Hacker News
Apple Backports Fix for CVE-2025-43300 Exploited in Sophisticated Spyware Attack
Sep 16, 2025Ravie LakshmananVulnerability / Spyware Apple on Monday backported fixes for a recently patched security flaw that has been actively exploited in the wild. The vulnerability in question ... Read more
-
The Hacker News
Phoenix RowHammer Attack Bypasses Advanced DDR5 Memory Protections in 109 Seconds
Sep 16, 2025Ravie LakshmananHardware Security / Vulnerability A team of academics from ETH Zürich and Google has discovered a new variant of a RowHammer attack targeting Double Data Rate 5 (DDR5) me ... Read more
-
TheCyberThrone
HybridPetya: The UEFI-Busting Heir to Petya/NotPetya
September 16, 2025In September 2025, security researchers spotlighted the rise of HybridPetya, a next-generation ransomware that revives and amplifies the catastrophic tactics of Petya and NotPetya—th ... Read more
-
The Register
HybridPetya: More proof that Secure Boot bypasses are not just an urban legend
A new ransomware strain dubbed HybridPetya was able to exploit a patched vulnerability to bypass Unified Extensible Firmware Interface (UEFI) Secure Boot on unrevoked Windows systems, making it the fo ... Read more
-
BleepingComputer
New HybridPetya ransomware can bypass UEFI Secure Boot
A recently discovered ransomware strain called HybridPetya can bypass the UEFI Secure Boot feature to install a malicious application on the EFI System Partition. HybridPetya appears inspired by the d ... Read more
-
Help Net Security
HybridPetya: (Proof-of-concept?) ransomware can bypass UEFI Secure Boot
ESET researchers have discovered HybridPetya, a bootkit-and-ransomware combo that’s a copycat of the infamous Petya/NotPetya malware, augmented with the capability of compromising UEFI-based systems a ... Read more
-
CybersecurityNews
New HybridPetya Weaponizing UEFI Vulnerability to Bypass Secure Boot on Outdated Systems
In late July 2025, a series of ransomware samples surfaced on VirusTotal under filenames referencing the notorious Petya and NotPetya attacks. Unlike its predecessors, this new threat—dubbed HybridPet ... Read more
-
The Hacker News
New HybridPetya Ransomware Bypasses UEFI Secure Boot With CVE-2024-7344 Exploit
Cybersecurity researchers have discovered a new ransomware strain dubbed HybridPetya that resembles the notorious Petya/NotPetya malware, while also incorporating the ability to bypass the Secure Boot ... Read more
-
Daily CyberSecurity
Critical Node-SAML Flaw (CVE-2025-54419, CVSS 10.0) Allows Authentication Bypass in SAML 2.0 Web Apps
A newly disclosed critical vulnerability in Node-SAML, a widely used SAML 2.0 authentication provider for Node.js, could allow attackers to manipulate signed login responses—potentially enabling authe ... Read more
-
Daily CyberSecurity
Critical Node-SAML Flaw (CVE-2025-54369) Exposes SAML 2.0 to Authentication Bypass
A critical vulnerability has been discovered in the popular open-source Node.js library Node-SAML, used to implement SAML 2.0 authentication workflows. Tracked as CVE-2025-54369 and scoring a CVSS v4 ... Read more
-
tripwire.com
Tripwire Patch Priority Index for January 2025
Tripwire's January 2025 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft.First on the list are patches for the Microsoft office platform, including Word, Access, Visi ... Read more
-
TheCyberThrone
CVE-2024-53691: PoC Exploit Code Release for QNAP Flaw
CVE-2024-53691 is a severe remote code execution (RCE) vulnerability discovered in QNAP NAS devices. Recently, security researcher c411e released a Proof-of-Concept (PoC) exploit code, underscoring th ... Read more
-
Help Net Security
Week in review: AWS S3 data encrypted without ransomware, data of 15k Fortinet firewalls leaked
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Attackers are encrypting AWS S3 data without using ransomware A ransomware gang dubbed Codefinger is e ... Read more
-
TheCyberThrone
CVE-2025-0107 PoC Exploit Code Released for PaloAlto Flaw
Background:CVE-2025-0107 is a critical OS command injection vulnerability discovered in Palo Alto Networks’ Expedition Tool, version 1.2.101 and earlier. Recently, security researchers released a Proo ... Read more
-
TheCyberThrone
CVE-2024-7344 impacts UEFI based systems
CVE-2024-7344 is a critical vulnerability affecting UEFI-based systems. It was discovered by researchers at ESET and involves a bypass of the UEFI Secure Boot mechanism, allowing untrusted code to run ... Read more
-
BleepingComputer
New UEFI Secure Boot flaw exposes systems to bootkits, patch now
A new UEFI Secure Boot bypass vulnerability tracked as CVE-2024-7344 that affects a Microsoft-signed application could be exploited to deploy bootkits even if Secure Boot protection is active. The vul ... Read more
-
Help Net Security
Critical SimpleHelp vulnerabilities fixed, update your server instances!
If you’re an organization using SimpleHelp for your remote IT support/access needs, you should update or patch your server installation without delay, to fix security vulnerabilities that may be explo ... Read more
The following table lists the changes that have been made to the
CVE-2024-7344 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
Modified Analysis by [email protected]
Jan. 22, 2025
Action Type Old Value New Value Changed Reference Type https://www.welivesecurity.com/en/eset-research/under-cloak-uefi-secure-boot-introducing-cve-2024-7344/ No Types Assigned https://www.welivesecurity.com/en/eset-research/under-cloak-uefi-secure-boot-introducing-cve-2024-7344/ Exploit, Mitigation, Third Party Advisory -
CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0
Jan. 21, 2025
Action Type Old Value New Value Added CVSS V3.1 AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H Removed CVSS V3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Added Reference https://www.kb.cert.org/vuls/id/529659 Added Reference https://www.welivesecurity.com/en/eset-research/under-cloak-uefi-secure-boot-introducing-cve-2024-7344/ -
Reanalysis by [email protected]
Jan. 21, 2025
Action Type Old Value New Value Changed CPE Configuration OR *cpe:2.3:a:cs-grp:neo_impact:*:*:*:*:*:*:*:* versions up to (excluding) 10.1.024-20241127 *cpe:2.3:a:greenware:greenguard:*:*:*:*:*:*:*:* versions up to (excluding) 10.2.023-20240927 *cpe:2.3:a:howyar:sysreturn:*:*:*:*:*:*:*:* versions up to (excluding) 10.2.023_20240919 *cpe:2.3:a:radix:smartrecovery:*:*:*:*:*:*:*:* versions up to (excluding) 11.2.023-20240927 *cpe:2.3:a:sanfong:ez-back_system:*:*:*:*:*:*:*:* versions up to (excluding) 10.3.024-20241127 *cpe:2.3:a:signalcomputer:hdd_king:*:*:*:*:*:*:*:* versions up to (excluding) 10.3.021-20241127 *cpe:2.3:a:wasay:erecoveryrx:*:*:*:*:*:*:*:* versions up to (excluding) 8.4.022-20241127 OR *cpe:2.3:a:cs-grp:neo_impact:*:*:*:*:*:*:*:* versions up to (excluding) 10.1.024-20241127 *cpe:2.3:a:greenware:greenguard:*:*:*:*:*:*:*:* versions up to (excluding) 10.2.023-20240927 *cpe:2.3:a:howyar:sysreturn:*:*:*:*:*:*:*:* versions up to (excluding) 10.2.023_20240919 *cpe:2.3:a:radix:smart_recovery:*:*:*:*:*:*:*:* versions up to (excluding) 11.2.023-20240927 *cpe:2.3:a:sanfong:ez-back_system:*:*:*:*:*:*:*:* versions up to (excluding) 10.3.024-20241127 *cpe:2.3:a:signalcomputer:hdd_king:*:*:*:*:*:*:*:* versions up to (excluding) 10.3.021-20241127 *cpe:2.3:a:wasay:erecoveryrx:*:*:*:*:*:*:*:* versions up to (excluding) 8.4.022-20241127 -
Reanalysis by [email protected]
Jan. 21, 2025
Action Type Old Value New Value Changed CPE Configuration OR *cpe:2.3:a:ces:neoimpact:*:*:*:*:*:*:*:* versions up to (excluding) 10.1.024-20241127 *cpe:2.3:a:greenware:greenguard:*:*:*:*:*:*:*:* versions up to (excluding) 10.2.023-20240927 *cpe:2.3:a:howyar:sysreturn:*:*:*:*:*:*:*:* versions up to (excluding) 10.2.023_20240919 *cpe:2.3:a:radix:smartrecovery:*:*:*:*:*:*:*:* versions up to (excluding) 11.2.023-20240927 *cpe:2.3:a:sanfong:ez-back_system:*:*:*:*:*:*:*:* versions up to (excluding) 10.3.024-20241127 *cpe:2.3:a:signalcomputer:hdd_king:*:*:*:*:*:*:*:* versions up to (excluding) 10.3.021-20241127 *cpe:2.3:a:wasay:erecoveryrx:*:*:*:*:*:*:*:* versions up to (excluding) 8.4.022-20241127 OR *cpe:2.3:a:cs-grp:neo_impact:*:*:*:*:*:*:*:* versions up to (excluding) 10.1.024-20241127 *cpe:2.3:a:greenware:greenguard:*:*:*:*:*:*:*:* versions up to (excluding) 10.2.023-20240927 *cpe:2.3:a:howyar:sysreturn:*:*:*:*:*:*:*:* versions up to (excluding) 10.2.023_20240919 *cpe:2.3:a:radix:smartrecovery:*:*:*:*:*:*:*:* versions up to (excluding) 11.2.023-20240927 *cpe:2.3:a:sanfong:ez-back_system:*:*:*:*:*:*:*:* versions up to (excluding) 10.3.024-20241127 *cpe:2.3:a:signalcomputer:hdd_king:*:*:*:*:*:*:*:* versions up to (excluding) 10.3.021-20241127 *cpe:2.3:a:wasay:erecoveryrx:*:*:*:*:*:*:*:* versions up to (excluding) 8.4.022-20241127 -
Initial Analysis by [email protected]
Jan. 21, 2025
Action Type Old Value New Value Added CVSS V3.1 NIST AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H Added CWE NIST CWE-347 Added CPE Configuration OR *cpe:2.3:a:ces:neoimpact:*:*:*:*:*:*:*:* versions up to (excluding) 10.1.024-20241127 *cpe:2.3:a:greenware:greenguard:*:*:*:*:*:*:*:* versions up to (excluding) 10.2.023-20240927 *cpe:2.3:a:howyar:sysreturn:*:*:*:*:*:*:*:* versions up to (excluding) 10.2.023_20240919 *cpe:2.3:a:radix:smartrecovery:*:*:*:*:*:*:*:* versions up to (excluding) 11.2.023-20240927 *cpe:2.3:a:sanfong:ez-back_system:*:*:*:*:*:*:*:* versions up to (excluding) 10.3.024-20241127 *cpe:2.3:a:signalcomputer:hdd_king:*:*:*:*:*:*:*:* versions up to (excluding) 10.3.021-20241127 *cpe:2.3:a:wasay:erecoveryrx:*:*:*:*:*:*:*:* versions up to (excluding) 8.4.022-20241127 Changed Reference Type https://uefi.org/revocationlistfile No Types Assigned https://uefi.org/revocationlistfile Patch Changed Reference Type https://uefi.org/specs/UEFI/2.10/03_Boot_Manager.html No Types Assigned https://uefi.org/specs/UEFI/2.10/03_Boot_Manager.html Related Changed Reference Type https://uefi.org/specs/UEFI/2.10/32_Secure_Boot_and_Driver_Signing.html No Types Assigned https://uefi.org/specs/UEFI/2.10/32_Secure_Boot_and_Driver_Signing.html Related Changed Reference Type https://www.eset.com/blog/enterprise/preparing-for-uefi-bootkits-eset-discovery-shows-the-importance-of-cyber-intelligence/ No Types Assigned https://www.eset.com/blog/enterprise/preparing-for-uefi-bootkits-eset-discovery-shows-the-importance-of-cyber-intelligence/ Related Changed Reference Type https://www.kb.cert.org/vuls/id/529659 No Types Assigned https://www.kb.cert.org/vuls/id/529659 Third Party Advisory, US Government Resource -
CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0
Jan. 14, 2025
Action Type Old Value New Value Added CVSS V3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N -
CVE Modified by af854a3a-2127-422b-91ae-364da2661108
Jan. 14, 2025
Action Type Old Value New Value Added Reference https://www.kb.cert.org/vuls/id/529659 -
New CVE Received by [email protected]
Jan. 14, 2025
Action Type Old Value New Value Added Description Howyar UEFI Application "Reloader" (32-bit and 64-bit) is vulnerable to execution of unsigned software in a hardcoded path. Added Reference https://uefi.org/revocationlistfile Added Reference https://uefi.org/specs/UEFI/2.10/03_Boot_Manager.html Added Reference https://uefi.org/specs/UEFI/2.10/32_Secure_Boot_and_Driver_Signing.html Added Reference https://www.eset.com/blog/enterprise/preparing-for-uefi-bootkits-eset-discovery-shows-the-importance-of-cyber-intelligence/