Cyber Posture

CVE-2024-54448

High

Published: 14 March 2025

Published
14 March 2025
Modified
07 November 2025
KEV Added
Patch
CVSS Score 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0009 26.1th percentile
Risk Priority 14 60% EPSS · 20% KEV · 20% CVSS

Description

Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.

Security Summary

CVE-2024-54448 is a code injection vulnerability (CWE-94) in the Automation Scripting functionality of LogicalDOC, a document management system. It affects the web server running LogicalDOC, enabling attackers to execute arbitrary system commands on the underlying operating system. The vulnerability has a CVSS v3.1 base score of 7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) and was published on 2025-03-14.

Exploitation requires an authenticated account with administrator privileges or explicit access to the Automation Scripting feature. Attackers can leverage network access to trigger the vulnerability, achieving high-impact confidentiality, integrity, and availability effects by running arbitrary commands on the host operating system.

For mitigation details, refer to the advisory published by Black Duck at https://www.blackduck.com/blog/cyrc-advisory-logicaldoc.html.

Details

CWE(s)
CWE-94

Affected Products

logicaldoc
logicaldoc
≤ 9.1 · ≤ 9.1

MITRE ATT&CK Enterprise Techniques

T1059 Command and Scripting Interpreter Execution
Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.
attack.mitre.org →
T1210 Exploitation of Remote Services Lateral Movement
Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.
attack.mitre.org →
Why these techniques?

The vulnerability in Automation Scripting allows authenticated high-privilege attackers to execute arbitrary OS commands, enabling Command and Scripting Interpreter (T1059) and Exploitation of Remote Services (T1210).

References