CVE-2024-35532
Published: 07 January 2025
Summary
CVE-2024-35532 is a critical-severity Out-of-bounds Read (CWE-125) vulnerability in Intersec Geosafe-ea (inferred from references). Its CVSS base score is 9.1 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 29.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 CM-6 (Configuration Settings) and SI-10 (Information Input Validation).
Deeper analysis
CVE-2024-35532 is an XML External Entity (XXE) injection vulnerability in Intersec Geosafe-ea versions 2022.12, 2022.13, and 2022.14. Published on 2025-01-07, it carries a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H) and is linked to CWE-125.
The vulnerability is exploitable over the network with low attack complexity and requires neither privileges nor user interaction. Successful exploitation allows arbitrary file reading under the privileges of the running process, Server-Side Request Forgery (SSRF) requests, or Denial of Service (DoS) conditions via unspecified vectors.
Mitigation guidance is available in the Post Cyber Labs advisory at https://github.com/post-cyberlabs/CVE-Advisory/blob/main/CVE-2024-35532.pdf and on the vendor's public safety page at https://intersec.com/public-safety.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-35776
Vulnerability details
An XML External Entity (XXE) injection vulnerability in Intersec Geosafe-ea 2022.12, 2022.13, and 2022.14 allows attackers to perform arbitrary file reading under the privileges of the running process, make SSRF requests, or cause a Denial of Service (DoS) via unspecified vectors.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
XXE directly enables remote exploitation of a public-facing application (T1190) for arbitrary local file reads (T1005) under process privileges, plus SSRF/DoS impact.
Mitigating Controls (NIST 800-53 r5)
- Directly addresses the XXE vulnerability by requiring identification, reporting, and patching of the specific flaw in Intersec Geosafe-ea software.
- Validates XML inputs to detect and block malicious external entity declarations that enable file reading, SSRF, or DoS via XXE.
- Enforces secure configuration of XML parsers in the affected software to disable external entity processing and DTD resolution.
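The input-validation and parser-configuration controls above, shown together as an added example (not code from Intersec or from the advisory): a parser built on Python's standard-library expat binding that rejects any DOCTYPE on untrusted input and refuses to fetch external entities even when a DTD is allowed through. The element names, the sample messages and the `file:///etc/hostname` URI are constructed for the demonstration.

```python
import xml.parsers.expat as expat

# Constructed sample inputs (not taken from the advisory): one benign message and
# one carrying the external entity declaration that an XXE payload depends on.
BENIGN_XML = b'<?xml version="1.0"?><alert><msg>Flood warning for zone 3</msg></alert>'
XXE_XML = (b'<?xml version="1.0"?>'
           b'<!DOCTYPE alert [<!ENTITY ext SYSTEM "file:///etc/hostname">]>'
           b'<alert><msg>&ext;</msg></alert>')


class UntrustedXMLRejected(ValueError):
    """Document refused before any entity could be expanded or fetched."""


def parse_untrusted(data: bytes, allow_dtd: bool = False) -> dict:
    """Parse XML from an untrusted source with entity processing switched off.

    SI-10 (input validation): with allow_dtd=False any DOCTYPE is rejected, so no
    entity declaration of any kind is ever processed.  CM-6 (parser configuration):
    parameter entities are never resolved and external general entities are never
    fetched, even if a DTD has been allowed through.  Returns element names and text.
    """
    parser = expat.ParserCreate()
    result = {"elements": [], "text": ""}
    parser.SetParamEntityParsing(expat.XML_PARAM_ENTITY_PARSING_NEVER)

    def on_doctype(name, sysid, pubid, has_internal_subset):
        if not allow_dtd:
            raise UntrustedXMLRejected("DOCTYPE declaration")

    def on_external_entity(context, base, sysid, pubid):
        # Raising here aborts the parse; the URI is reported, never opened.
        raise UntrustedXMLRejected(f"external entity {sysid}")

    def on_text(text):
        result["text"] += text

    parser.StartDoctypeDeclHandler = on_doctype
    parser.ExternalEntityRefHandler = on_external_entity
    parser.StartElementHandler = lambda name, attrs: result["elements"].append(name)
    parser.CharacterDataHandler = on_text
    parser.Parse(data, True)
    return result


def check_document(data: bytes, allow_dtd: bool = False) -> str:
    """Verdict string suitable for a log line: 'accepted' or 'rejected: <reason>'."""
    try:
        parse_untrusted(data, allow_dtd)
    except UntrustedXMLRejected as exc:
        return f"rejected: {exc}"
    return "accepted"


if __name__ == "__main__":
    for label, doc in (("benign", BENIGN_XML), ("xxe", XXE_XML)):
        print(label, check_document(doc), check_document(doc, allow_dtd=True))
```

The strict default (no DTD at all) is the right setting for input from the network; the `allow_dtd=True` path shows that the external-entity refusal still holds as a second layer if a DTD must be tolerated.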