CVE-2024-42444
Published: 14 January 2025
Summary
CVE-2024-42444 is a high-severity Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367) vulnerability in Ami Aptio V. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique System Firmware (T1542.001); ranked at the 35.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-34 (Non-modifiable Executable Programs) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2024-42444 is a Time-of-Check Time-of-Use (TOCTOU) race condition vulnerability, classified as CWE-367, affecting the APTIOV BIOS firmware. Published on January 14, 2025, it carries a CVSS v3.1 base score of 7.5 (High), with vector AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H, indicating local access vector, high attack complexity, low privileges required, user interaction needed, changed scope, and high impacts across confidentiality, integrity, and availability.
A local attacker with low privileges can exploit this vulnerability through local means by inducing the TOCTOU race condition, though it demands high complexity and user interaction. Successful exploitation enables execution of arbitrary code on the target device.
American Megatrends has published security advisory AMI-SA-2025001, which details the vulnerability and associated mitigations, available at https://go.ami.com/hubfs/Security%20Advisories/2025/AMI-SA-2025001.pdf.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-39541
Vulnerability details
APTIOV contains a vulnerability in BIOS where an attacker may cause a TOCTOU Race Condition by local means. Successful exploitation of this vulnerability may lead to execution of arbitrary code on the target device.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
TOCTOU race condition in BIOS firmware directly enables arbitrary code execution at the pre-OS/firmware level (T1542.001) and supports local privilege escalation from low-priv context (T1068).
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly remediates the TOCTOU race condition vulnerability in APTIOV BIOS firmware by applying vendor-provided updates from AMI-SA-2025001.
Monitors and verifies the integrity of BIOS firmware using cryptographic mechanisms to prevent unauthorized modifications or execution exploiting the race condition.
Enforces execution of only non-modifiable BIOS firmware programs, blocking arbitrary code execution resulting from the TOCTOU vulnerability.