CVE-2024-11322

High

Published: 15 January 2025

Published

15 January 2025

Modified

15 April 2026

KEV Added

—

Patch

—

CVSS Score 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score 0.0075 73.2th percentile

Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-11322 is a high-severity Improper Authentication (CWE-287) vulnerability. Its CVSS base score is 7.5 (High).

Operationally, ranked in the top 26.8% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 IA-9 (Service Identification and Authentication) and SC-5 (Denial-of-service Protection).

Threat & Defense at a Glance

What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

IA-9 Service Identification and Authentication good match

prevent

Requires the PowerPanel Business Service Watchdog service to identify and authenticate requests before permitting process restarts, directly addressing the improper authentication (CWE-287).

SC-7 Boundary Protection good match

prevent

Monitors and controls communications to TCP port 2003 at system boundaries, blocking unauthenticated remote access to the vulnerable service.

SC-5 Denial-of-service Protection good match

prevent

Implements safeguards to protect against or limit denial-of-service effects from repeated ppbd.exe restarts triggered via the watchdog service.

NVD Description

A denial-of-service vulnerability exists in CyberPower PowerPanel Business (PPB) 4.11.0. An unauthenticated remote attacker can restart the ppbd.exe process via the PowerPanel Business Service Watchdog service listening on TCP port 2003. The attacker can repeatedly restart ppbd.exe to render it…

unavailable.

Deeper analysisAI

CVE-2024-11322 is a denial-of-service vulnerability in CyberPower PowerPanel Business (PPB) version 4.11.0. The issue stems from the PowerPanel Business Service Watchdog service, which listens on TCP port 2003 and allows an unauthenticated remote attacker to restart the ppbd.exe process. Repeated restarts of this process can render it unavailable, leading to service disruption. The vulnerability is rated with a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) and is associated with CWE-287 (Improper Authentication).

An unauthenticated attacker with network access to the affected system can exploit this vulnerability by sending requests to TCP port 2003, triggering the watchdog service to restart ppbd.exe. By repeating the attack, the attacker can repeatedly crash and restart the process, causing a denial-of-service condition that impacts the availability of PowerPanel Business functions. No privileges, user interaction, or scope changes are required, making it straightforward to exploit remotely.

The Tenable advisory at https://www.tenable.com/security/research/tra-2025-01 provides further details on the vulnerability, including potential mitigation steps. Published on 2025-01-15, no patches or specific workarounds are detailed in the provided information.

Details

CWE(s): CWE-287

CVEs Like This One

CVE-2026-5570Shared CWE-287

CVE-2026-42560Shared CWE-287

CVE-2024-57490Shared CWE-287

CVE-2025-64717Shared CWE-287

CVE-2025-52395Shared CWE-287

CVE-2025-15484Shared CWE-287

CVE-2026-41571Shared CWE-287

CVE-2025-64423Shared CWE-287

CVE-2026-21891Shared CWE-287

CVE-2025-30361Shared CWE-287

References

https://www.tenable.com/security/research/tra-2025-01
vulnreport@tenable.com