CVE-2024-7344

CVE-2024-7344 is a vulnerability in the Howyar UEFI Application "Reloader," affecting both 32-bit and 64-bit versions. It enables the execution of unsigned software stored in a hardcoded path, linked to CWE-347 (Improper Verification of Signature). The issue carries a CVSS v3.1 base score of 8.2 (AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H) and was published on 2025-01-14.

A local attacker with high privileges can exploit this vulnerability with low complexity and no user interaction required. Exploitation allows execution of unsigned code in the specified path, potentially compromising confidentiality, integrity, and availability at a high level within a changed scope, such as during the UEFI boot process.

Advisories and references, including the CERT vulnerability note (https://www.kb.cert.org/vuls/id/529659), UEFI specifications on the Boot Manager (https://uefi.org/specs/UEFI/2.10/03_Boot_Manager.html) and Secure Boot and Driver Signing (https://uefi.org/specs/UEFI/2.10/32_Secure_Boot_and_Driver_Signing.html), and the UEFI revocation list file (https://uefi.org/revocationlistfile), provide context on Secure Boot mechanisms and signature verification. An ESET blog post (https://www.eset.com/blog/enterprise/preparing-for-uefi-bootkits-eset-discovery-shows-the-importance-of-cyber-intelligence/) discusses UEFI bootkit preparations and the role of cyber intelligence.