CVE-2024-41787

Critical

Published: 10 January 2025

Published

10 January 2025

Modified

20 August 2025

KEV Added

—

Patch

—

CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0002 6.7th percentile

Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-41787 is a critical-severity Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367) vulnerability in Ibm Doors Next. Its CVSS base score is 9.8 (Critical).

Operationally, ranked at the 6.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-25 (Reference Monitor) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match

prevent

Directly remediates the race condition vulnerability by applying vendor patches as specified in the IBM advisory.

AC-25 Reference Monitor good match

prevent

Implements a reference monitor that ensures complete mediation without time-of-check-to-time-of-use race conditions allowing security bypass.

SI-10 Information Input Validation partial match

prevent

Validates specially crafted requests to mitigate exploitation attempts targeting the race condition.

NVD Description

IBM Engineering Requirements Management DOORS Next 7.0.2 and 7.0.3 could allow a remote attacker to bypass security restrictions, caused by a race condition. By sending a specially crafted request, an attacker could exploit this vulnerability to remotely execute code.

Deeper analysisAI

IBM Engineering Requirements Management DOORS Next versions 7.0.2 and 7.0.3 are affected by CVE-2024-41787, a critical vulnerability (CVSS 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) stemming from a race condition (CWE-367). This flaw enables a remote attacker to bypass security restrictions by sending a specially crafted request, potentially leading to remote code execution.

The vulnerability can be exploited by any unauthenticated remote attacker over the network with low complexity and no user interaction required. Successful exploitation grants high-impact access, allowing the attacker to achieve full confidentiality, integrity, and availability compromise on the targeted system.

For mitigation details, refer to the official IBM advisory at https://www.ibm.com/support/pages/node/7180636, which outlines available patches and remediation steps.

Details

CWE(s): CWE-367

Affected Products

ibm

doors next

7.0.2, 7.0.3

CVEs Like This One

CVE-2024-56340Same vendor: Ibm

CVE-2024-43187Same vendor: Ibm

CVE-2025-0162Same vendor: Ibm

CVE-2024-28766Same vendor: Ibm

CVE-2025-14480Same vendor: Ibm

CVE-2024-25034Same vendor: Ibm

CVE-2024-39750Same vendor: Ibm

CVE-2024-49352Same vendor: Ibm

CVE-2025-3320Same vendor: Ibm

CVE-2025-13689Same vendor: Ibm

References

https://www.ibm.com/support/pages/node/7180636
Vendor Advisory · psirt@us.ibm.com