VDB
CVE-2024-7344
CVE-2024-7344
PUBLISHED
CVSS 8.699999809265137 HIGH
Windows ist ein Betriebssystem von Microsoft.
EPSS 0.52% · 67.2th percentile
Risk Scores
CVSS v4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.52%
67.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft Windows Server 2019 | |
| Microsoft | Microsoft Windows Server 2008 SP2 | |
| Insyde | Insyde UEFI Firmware <05.55.04 | |
| Dell | Dell BIOS | |
| Microsoft | Microsoft Windows 10 Version 21H2 | |
| Microsoft | Microsoft Windows Server 2008 R2 SP1 | |
| Insyde | Insyde UEFI Firmware <05.47.04 | |
| Lenovo | Lenovo BIOS | |
| Microsoft | Microsoft Windows Server 2022 23H2 Edition | |
| Insyde | Insyde UEFI Firmware <05.62.04 | |
| Insyde | Insyde UEFI Firmware <05.71.04 | |
| Microsoft | Microsoft Windows Server 2025 | |
| Hitachi | Hitachi Virtual Storage Platform | |
| Microsoft | Microsoft Windows 11 Version 24H2 | |
| Microsoft | Microsoft Windows Server 2022 | |
| Insyde | Insyde UEFI Firmware <05.39.04 | |
| HP | HP Computer Cray XD670 <v2.06 | |
| Microsoft | Microsoft Windows Server 2012 | |
| Microsoft | Microsoft Windows 10 Version 1607 | |
| Insyde | Insyde UEFI Firmware <05.2A.04 |
…and 9 more
Exploit Intelligence
- https://www.welivesecurity.com/en/eset-research/under-cloak-uefi-secure-boot-introducing-cve-2024-7344/ (nist-nvd)
- Microsoft Message Queuing Information Disclosure Vulnerability (circl)
- CIRCL seen: CVE-2025-21220 (circl-sighting)
- CIRCL seen: CVE-2025-21220 (circl-sighting)
- CIRCL seen: CVE-2025-21220 (circl-sighting)
- CVE-2025-21333.yara (github-yara)
- CVE-2025-21333.yara (github-yara)
- CVE-2025-21333.yara (github-yara)
- CVE-2025-21333.yara (github-yara)
- CVE-2025-21333.yara (github-yara)
…and 13 more exploits
Timeline
- Jan 14, 2025 CVE Published
- Jan 14, 2025 PoC Published
- Jan 14, 2025 PoC Published
- Jan 14, 2025 PoC Published
- Jan 15, 2025 EPSS Score
- Jan 21, 2025 Coalition ESS Score
- Jan 31, 2025 EPSS Score
- Feb 4, 2025 PoC Published
- Feb 5, 2025 Coalition ESS Score
- Feb 15, 2025 EPSS Score
- Mar 3, 2025 EPSS Score
- Mar 18, 2025 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0091.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0091 advisory
- https://msrc.microsoft.com/update-guide/ advisory
- https://www.hitachi.com/products/it/storage-solutions/sec_info/2025/01.html advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0739.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0739 advisory
- https://www.insyde.com/security-pledge/sa-2024015/ advisory
- https://www.insyde.com/security-pledge/sa-2024021/ advisory
- https://www.dell.com/support/kbdoc/de-de/000285110/dsa-2025-091 advisory
- https://support.lenovo.com/us/en/product_security/LEN-193044 advisory
- https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbcr04982en_us&docLocale=en_US advisory
- https://www.dell.com/support/kbdoc/de-de/000461405/dsa-2026-127-security-update-for-dell-powerscale-onefs-multiple-third-party-component-vulnerabilities advisory