Cyber Resilience

CVE-2024-13206

High

Published: 09 January 2025

Published
09 January 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score v4 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0006 19.8th percentile
Risk Priority 17 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-13206 is a high-severity Incorrect Privilege Assignment (CWE-266) vulnerability. Its CVSS base score is 8.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 19.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and CM-6 (Configuration Settings).

Deeper analysis

CVE-2024-13206 is a critical vulnerability in REVE Antivirus version 1.0.0.0 running on Linux systems, specifically affecting the file /usr/local/reveantivirus/tmp/reveinstall due to incorrect default permissions (CWE-276 and CWE-266). This flaw allows manipulation that results in improper privilege assignment, earning a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). The issue was publicly disclosed on January 9, 2025.

A local attacker with low privileges (PR:L) can exploit this vulnerability directly on the host without user interaction, achieving high impacts on confidentiality, integrity, and availability. By leveraging the misconfigured permissions in the reveinstall file, an attacker could potentially escalate privileges, modify critical files, or execute arbitrary code within the antivirus component's context.

Advisories from VulDB and a GitHub disclosure by hawkteam404 detail the vulnerability but note no vendor response despite early contact; no patches or official mitigations are available. Security practitioners should verify and manually correct permissions on the affected file path, monitor for exploit attempts, and consider alternative antivirus solutions until REVE provides updates.

The exploit has been publicly released and may be actively used, increasing risk for deployments of this unpatched software.

EU & UK References

Vulnerability details

A vulnerability classified as critical has been found in REVE Antivirus 1.0.0.0 on Linux. This affects an unknown part of the file /usr/local/reveantivirus/tmp/reveinstall. The manipulation leads to incorrect default permissions. It is possible to launch the attack on the local…

more

host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Direct local privilege escalation via incorrect file permissions (CWE-276/266) on Linux binary, matching Exploitation for Privilege Escalation.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-42368Shared CWE-266
CVE-2025-69293Shared CWE-266
CVE-2026-42680Shared CWE-266
CVE-2025-21532Shared CWE-276
CVE-2025-24176Shared CWE-276
CVE-2025-69378Shared CWE-266
CVE-2025-1789Shared CWE-276
CVE-2026-27102Shared CWE-266
CVE-2025-22736Shared CWE-266
CVE-2024-40591Shared CWE-266

Affected Assets

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Mandates secure configuration settings including proper file permissions to directly prevent exploitation of incorrect default permissions on the reveinstall file.

prevent

Requires timely identification, reporting, and remediation of flaws like incorrect permissions, enabling manual correction as advised due to lack of vendor patch.

prevent

Enforces least privilege principle to counter improper privilege assignment (CWE-266) and limit low-privilege attacker impact on the vulnerable file.

References