
CVE-2024-13242

Critical

Published: 09 January 2025
Modified: 04 June 2025
CISA KEV: not listed
CVSS v3.1: 9.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)
EPSS: 0.0053 (67.7th percentile)
Risk Priority: 19 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-13242 is a critical-severity Exposed Dangerous Method or Function (CWE-749) vulnerability in the Swift Mailer module for Drupal (listed as vendor "Swift Mailer Project", product "Swift Mailer"). Its CVSS v3.1 base score is 9.1 (Critical).

Operationally, exploitation maps to the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). Its EPSS score (0.0053, 67.7th percentile) places it in the top 32.3% of CVEs by exploit likelihood, and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2024-13242 is an Exposed Dangerous Method or Function vulnerability in the Swift Mailer module for Drupal, enabling Resource Location Spoofing. This issue affects all versions of Swift Mailer (*.*). The vulnerability has a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N), indicating critical severity due to its network accessibility, low attack complexity, lack of required privileges or user interaction, and high impacts on confidentiality and integrity.

Because the vector requires no privileges and no user interaction, an unauthenticated remote attacker can trigger the exposed method directly. Successful exploitation lets the attacker spoof resource locations, with high confidentiality and integrity impact (unauthorized access to sensitive data or manipulation of the resources the mailer handles); availability is unaffected. Note that the affected range is every version (*.*), so no version check rules an installation out: any Drupal site with the Swift Mailer module enabled should be treated as affected until the advisory's guidance has been applied.

The Drupal security advisory SA-CONTRIB-2024-006 at https://www.drupal.org/sa-contrib-2024-006 provides details on this vulnerability and mitigation recommendations.


Vulnerability details

Exposed Dangerous Method or Function vulnerability in Drupal Swift Mailer allows Resource Location Spoofing.This issue affects Swift Mailer: *.*.

CWE(s)

CWE-749 Exposed Dangerous Method or Function

Related Threats

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Exposed dangerous method in public-facing Drupal Swift Mailer module directly enables remote unauthenticated exploitation (T1190) for resource location spoofing with high C/I impact.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-4051 (shared CWE-749)
CVE-2026-33583 (shared CWE-749)
CVE-2026-5173 (shared CWE-749)
CVE-2024-12651 (shared CWE-749)
CVE-2026-30921 (shared CWE-749)
CVE-2022-31491 (shared CWE-749)
CVE-2025-47366 (shared CWE-749)
CVE-2026-30957 (shared CWE-749)
CVE-2025-53964 (shared CWE-749)
CVE-2025-14713 (shared CWE-749)

Affected Assets

Vendor: Swift Mailer Project
Product: Swift Mailer
Versions: all versions (*.*)

Mitigating Controls (NIST 800-53 r5)

SI-2 Flaw Remediation (prevent)

Directly remediates the exposed dangerous method by following Drupal advisory SA-CONTRIB-2024-006. Since this page lists every version of the module as affected, confirm in the advisory whether a fixed release exists before relying on a patch; if none is listed, the remediation is to remove or replace the module rather than to update it.

AC-3 Access Enforcement (prevent)

Enforces access controls so that unauthenticated callers cannot reach the dangerous method that enables resource location spoofing.

Input validation (prevent)

Validates the resource locations passed to Swift Mailer functions, rejecting remote or wrapper-based locations and paths outside an allow-listed directory, to mitigate resource location spoofing attempts.
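The two technical controls above (access enforcement on the caller, and validation of the resource location) can be illustrated together. The following PHP is an added example written for this page; it is not code from the Swift Mailer module, Swift Mailer itself or Drupal, and it does not model the module's actual flaw, which the page does not describe. The class name `ResourceLocationGuard`, the function `attachResource`, the permission callable and the permission name mentioned in its comment are all assumptions. The demo data (a temporary upload directory with one file inside and one outside) is constructed inline.

```php
<?php
declare(strict_types=1);

// Hypothetical guard for a "dangerous method" that accepts a resource location.
// Added illustration, not Swift Mailer or Drupal code. It pairs an allow-list
// validation (input validation) with a caller permission check (access enforcement).
final class ResourceLocationGuard
{
    /** @var string[] canonical directories, each with a trailing separator */
    private array $allowedBases = [];

    /** @param string[] $allowedBases directories resources may be read from */
    public function __construct(array $allowedBases)
    {
        foreach ($allowedBases as $base) {
            $real = realpath($base);
            if ($real === false || !is_dir($real)) {
                throw new InvalidArgumentException("Allowed base does not exist: $base");
            }
            $this->allowedBases[] = rtrim($real, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
        }
    }

    /** Returns the canonical path if $location is acceptable, otherwise throws. */
    public function validate(string $location): string
    {
        // A NUL byte would truncate the path in the underlying C file APIs.
        if (strpos($location, "\0") !== false) {
            throw new InvalidArgumentException('NUL byte in resource location');
        }
        // Anything with a scheme (http://, phar://, data:, file://) selects a PHP
        // stream wrapper rather than a plain local file; refuse it outright.
        // On Windows a bare drive prefix such as C: also matches and would need an exemption.
        if (preg_match('~^[a-z][a-z0-9+.\-]*:~i', $location) === 1) {
            throw new InvalidArgumentException('Scheme or stream wrapper not allowed');
        }
        // Canonicalise first (resolves "..", symlinks), then compare the result with
        // the allow-list so the check is on where the path really points.
        $real = realpath($location);
        if ($real === false || !is_file($real)) {
            throw new InvalidArgumentException('Resource missing or not a regular file');
        }
        foreach ($this->allowedBases as $base) {
            if (strncmp($real, $base, strlen($base)) === 0) {
                return $real;
            }
        }
        throw new InvalidArgumentException('Resource outside the allowed directories');
    }
}

// Stand-in for the mailer entry point. $hasPermission is a hypothetical callable;
// in Drupal it might wrap $account->hasPermission('send mail attachments'),
// a permission name assumed here for illustration only.
function attachResource(callable $hasPermission, ResourceLocationGuard $guard, string $location): string
{
    if (!$hasPermission()) {
        throw new RuntimeException('Access denied: caller may not attach resources');
    }
    return $guard->validate($location);
}

// Constructed demo: one file inside the allowed directory, one outside it.
$root = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'guard-demo-' . bin2hex(random_bytes(4));
mkdir($root . '/uploads', 0700, true);
file_put_contents($root . '/uploads/report.pdf', 'constructed sample');
file_put_contents($root . '/secret.txt', 'constructed secret');

$guard = new ResourceLocationGuard([$root . '/uploads']);
$allow = static fn(): bool => true;

$cases = [
    $root . '/uploads/report.pdf',             // inside allow-list: accepted
    $root . '/uploads/../secret.txt',          // traversal: rejected after realpath
    'phar://' . $root . '/uploads/report.pdf', // stream wrapper: rejected by scheme check
    'http://example.invalid/report.pdf',       // remote location: rejected by scheme check
];
foreach ($cases as $case) {
    try {
        echo 'OK      ', attachResource($allow, $guard, $case), PHP_EOL;
    } catch (InvalidArgumentException | RuntimeException $e) {
        echo "REJECT  $case: ", $e->getMessage(), PHP_EOL;
    }
}
// Same valid path, but a caller without the permission: access enforcement fires first.
try {
    attachResource(static fn(): bool => false, $guard, $root . '/uploads/report.pdf');
} catch (RuntimeException $e) {
    echo 'REJECT  (no permission): ', $e->getMessage(), PHP_EOL;
}
```

The ordering matters: the permission check runs before any path handling, so an unauthenticated caller never reaches the file-system code, and the allow-list comparison is made on the canonicalised path rather than the attacker-supplied string, which is what defeats `..` and symlink tricks. Tighten the scheme regex if the deployment legitimately needs Windows drive letters.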
