Cyber Resilience

CVE-2024-10930

Severity: High
Published: 04 March 2025
Modified: 05 February 2026
KEV added: not listed
Remediation: vendor patch available
CVSS v4.0 score: 7.1 (CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)
EPSS score: 0.0149 (81.5th percentile)
Risk priority: 15 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-10930 is a high-severity Uncontrolled Search Path Element (CWE-427) vulnerability in Carrier Block Load that permits DLL hijacking. Its CVSS v4.0 base score is 7.1 (High); the CVSS v3.1 base score is 7.8.

Operationally, exploitation aligns with the MITRE ATT&CK technique Hijack Execution Flow: DLL (T1574.001). Its EPSS score places it in the top 18.5% of CVEs by predicted exploit likelihood, and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 CM-14 (Signed Components) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2024-10930 is an Uncontrolled Search Path Element vulnerability (CWE-427) in Carrier Block Load that enables DLL hijacking: if an attacker can place a DLL with the expected name in a directory the Windows loader searches before the legitimate copy, the application loads the attacker's code, which then executes with the application's escalated privileges. The vulnerability carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) and was published on 2025-03-04. Affected versions are Block Load 4.00 and 4.10 through 4.16, as detailed in the referenced CISA and Carrier advisories.

Exploitation requires local access and user interaction but no privileges, and attack complexity is low; the v4.0 vector additionally records an attack requirement (AT:P), meaning success depends on specific deployment or execution conditions of the target system. Successful exploitation yields high impact on confidentiality, integrity, and availability through arbitrary code execution with escalated privileges.
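As an added illustration of the CWE-427 mechanism described above (this is not code from the CVE page, Carrier, or CISA), the following Python models the Windows DLL search order and reports, for a constructed set of imports and directories, where a non-privileged attacker could plant a DLL that the loader would pick up before the legitimate copy. All directory names, DLL names and the writable set are invented. The model reproduces the documented Windows order (application directory, system directories, current directory, PATH, with SafeDllSearchMode moving the current directory later) and the KnownDLLs bypass; it does not inspect a real binary or this product.

```python
"""Model of the Windows DLL search order, used to reason about CWE-427.

Constructed example for this page; not code from the advisory, Carrier or
CISA. Directory names, imports and the writable set are invented.
"""

# Windows standard search order with SafeDllSearchMode enabled (the default):
#   application directory, System32, 16-bit System, Windows, current
#   directory (CWD), then each PATH entry. With SafeDllSearchMode disabled the
#   CWD is searched right after the application directory.
SYSTEM_DIRS = [r"C:\Windows\System32", r"C:\Windows\System", r"C:\Windows"]


def search_order(app_dir, cwd, path_dirs, safe_search=True):
    """Return the directories the loader consults, in order."""
    if safe_search:
        return [app_dir, *SYSTEM_DIRS, cwd, *path_dirs]
    return [app_dir, cwd, *SYSTEM_DIRS, *path_dirs]


def hijack_points(imports, order, present, writable, known_dlls=frozenset()):
    """Map each hijackable import to the writable directories an attacker
    could plant it in.

    imports    -- DLL names the application loads by bare name (lower-case)
    order      -- directories in loader search order
    present    -- dll name -> set of directories holding a legitimate copy
    writable   -- directories the (non-privileged) attacker can write to
    known_dlls -- names listed under the KnownDLLs registry key; the loader
                  maps these from System32 and never walks the search path

    A DLL is hijackable if a writable directory is searched before the first
    directory that holds the legitimate copy. An import with no legitimate
    copy anywhere (a "phantom" DLL) is hijackable from any writable directory
    in the order. Loads by absolute path are outside this model: they never
    search and so are not affected by CWE-427.
    """
    findings = {}
    for dll in imports:
        if dll in known_dlls:
            continue
        legit_dirs = present.get(dll, set())
        first_legit = next((i for i, d in enumerate(order) if d in legit_dirs), None)
        stop = len(order) if first_legit is None else first_legit
        candidates = [d for d in order[:stop] if d in writable]
        if candidates:
            findings[dll] = candidates
    return findings


# Constructed scenario (all values invented): a locally installed application,
# a user who opened a project file from an attacker-controlled share (so that
# share is the CWD), and a world-writable directory on PATH.
APP_DIR = r"C:\Program Files (x86)\Vendor\App"
CWD = r"\\fileserver\projects"
PATH_DIRS = [r"C:\Tools", r"C:\Python311"]
IMPORTS = ["kernel32.dll", "version.dll", "helper.dll", "optional_plugin.dll"]
PRESENT = {
    "kernel32.dll": {r"C:\Windows\System32"},
    "version.dll": {r"C:\Windows\System32"},
    "helper.dll": {APP_DIR},
    # optional_plugin.dll is requested by name but never shipped: phantom DLL
}
KNOWN_DLLS = frozenset({"kernel32.dll"})
WRITABLE = frozenset({CWD, r"C:\Tools"})


def assess(safe_search=True, extra_writable=()):
    """Run the model for the constructed scenario and return the findings."""
    order = search_order(APP_DIR, CWD, PATH_DIRS, safe_search)
    writable = WRITABLE | frozenset(extra_writable)
    return hijack_points(IMPORTS, order, PRESENT, writable, KNOWN_DLLS)


if __name__ == "__main__":
    print("SafeDllSearchMode on :", assess())
    print("SafeDllSearchMode off:", assess(safe_search=False))
    # Weak ACL on the install directory: the classic CWE-427 condition.
    print("writable app dir     :", assess(extra_writable=[APP_DIR]))
```

With the defaults only the phantom import is exposed; disabling SafeDllSearchMode exposes version.dll through the attacker's share, and a writable application directory exposes it even with safe search on. helper.dll, which ships in the application directory, is never reachable through the search path (overwriting it would be a file-replacement attack, not CWE-427), and kernel32.dll is excluded by KnownDLLs.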

CISA ICS Advisory ICSA-25-063-01 and Carrier's product security advisories outline mitigation strategies and the available patches. Security practitioners should consult these sources for remediation steps tailored to affected systems.

Vulnerability details

An Uncontrolled Search Path Element vulnerability exists which could allow a malicious actor to perform DLL hijacking and execute arbitrary code with escalated privileges.

CWE(s)

CWE-427 Uncontrolled Search Path Element

Related Threats

MITRE ATT&CK Enterprise Techniques

T1574.001 Hijack Execution Flow: DLL (Persistence, Privilege Escalation, Defense Evasion)
Adversaries may abuse dynamic-link library files (DLLs) in order to achieve persistence, escalate privileges, and evade defenses.
T1068 Exploitation for Privilege Escalation (Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

CWE-427 uncontrolled search path directly enables DLL search order hijacking (T1574.001) for arbitrary code execution; local exploitation that requires no privileges yet yields escalated privileges matches T1068.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-24998 (shared CWE-427)
CVE-2025-25003 (shared CWE-427)
CVE-2026-23741 (shared CWE-427)
CVE-2025-26631 (shared CWE-427)
CVE-2026-42171 (shared CWE-427)
CVE-2026-4134 (shared CWE-427)
CVE-2026-2361 (shared CWE-427)
CVE-2026-2360 (shared CWE-427)
CVE-2025-24039 (shared CWE-427)
CVE-2020-23438 (shared CWE-427)

Affected Assets

Carrier Block Load, versions 4.00 and 4.10 through 4.16

Mitigating Controls (NIST 800-53 r5)

SI-2 Flaw Remediation (prevent)
Directly remediates the uncontrolled search path vulnerability by identifying, reporting, and applying the patches outlined in the CISA and vendor advisories.

CM-14 Signed Components (prevent)
Requires DLLs to be signed and their signatures enforced at load time, for example through an application control policy, so that an unsigned or untrusted DLL placed in an uncontrolled search path is refused; a signing requirement that is not enforced by the loader or platform does not stop hijacking on its own.

Software integrity verification (prevent, detect)
Verifies the integrity of software, including DLLs, against a known-good baseline to block loading of tampered or unauthorized code via hijacking and to alert on DLLs that appear where none were shipped.
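The integrity-verification control above can be implemented as an install-time allowlist of DLL hashes that is re-checked before or during start-up. The Python below is an added example, not code from the CVE page or Carrier: it builds a SHA-256 manifest of every DLL under an install directory, then reports DLLs that were modified, removed, or newly appeared (a DLL planted in the application directory is exactly the last case). The install tree and its file contents are constructed in a temporary folder so the script runs offline; Authenticode signature enforcement (CM-14) is complementary and not reproduced here.

```python
"""SHA-256 integrity manifest for an application's DLL directory.

Added example, not code from the CVE page or Carrier. The sample install
tree is constructed in a temporary directory; nothing here touches a real
installation.
"""
import hashlib
import json
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Stream a file through SHA-256 and return the hex digest."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(install_dir: Path) -> dict:
    """Hash every *.dll below install_dir.

    Keys are install-relative POSIX-style paths, lower-cased because NTFS
    file names are case-insensitive and a planted copy may differ only in case.
    """
    manifest = {}
    for p in sorted(install_dir.rglob("*")):
        if p.is_file() and p.suffix.lower() == ".dll":
            rel = p.relative_to(install_dir).as_posix().lower()
            manifest[rel] = sha256_file(p)
    return manifest


def verify_manifest(install_dir: Path, manifest: dict) -> dict:
    """Compare the directory against a stored manifest.

    Returns three sorted lists: modified (hash differs), missing (in the
    manifest but gone) and unexpected (on disk but not in the manifest).
    An unexpected DLL in a directory the loader searches first is the
    signature of a DLL-planting attack and should block start-up or alert.
    """
    current = build_manifest(install_dir)
    expected, found = set(manifest), set(current)
    return {
        "modified": sorted(n for n in expected & found if current[n] != manifest[n]),
        "missing": sorted(expected - found),
        "unexpected": sorted(found - expected),
    }


def demo() -> dict:
    """Build a manifest for a constructed install tree, tamper with it, verify."""
    with tempfile.TemporaryDirectory() as tmp:
        install = Path(tmp) / "App"
        (install / "plugins").mkdir(parents=True)
        (install / "core.dll").write_bytes(b"MZ legitimate core")
        (install / "plugins" / "report.dll").write_bytes(b"MZ legitimate report")
        (install / "App.exe").write_bytes(b"MZ executable")  # not a DLL, ignored

        # Install time: record the allowlist and store it outside the
        # application directory (a real deployment would sign or ACL it).
        manifest_path = Path(tmp) / "manifest.json"
        manifest_path.write_text(json.dumps(build_manifest(install), indent=2))

        # Later: simulate tampering with the tree (constructed, not observed).
        (install / "core.dll").write_bytes(b"MZ trojanised core")   # modified
        (install / "plugins" / "report.dll").unlink()                # missing
        (install / "Version.dll").write_bytes(b"MZ planted")         # unexpected

        return verify_manifest(install, json.loads(manifest_path.read_text()))


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The manifest must live where the attacker who can write to the search path cannot also rewrite it (a signed file, a protected registry key, or a management server); otherwise a planted DLL simply ships with an updated manifest.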
