Cyber Posture

CVE-2024-42444

High

Published: 14 January 2025

Published
14 January 2025
Modified
02 October 2025
KEV Added
Patch
CVSS Score 7.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
EPSS Score 0.0011 29.2th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-42444 is a high-severity Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367) vulnerability in Ami Aptio V. Its CVSS base score is 7.5 (High).

Operationally, ranked at the 29.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-34 (Non-modifiable Executable Programs) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match
prevent

Directly remediates the TOCTOU race condition vulnerability in APTIOV BIOS firmware by applying vendor-provided updates from AMI-SA-2025001.

SI-7 Software, Firmware, and Information Integrity good match
preventdetect

Monitors and verifies the integrity of BIOS firmware using cryptographic mechanisms to prevent unauthorized modifications or execution exploiting the race condition.

SC-34 Non-modifiable Executable Programs good match
prevent

Enforces execution of only non-modifiable BIOS firmware programs, blocking arbitrary code execution resulting from the TOCTOU vulnerability.

NVD Description

APTIOV contains a vulnerability in BIOS where an attacker may cause a TOCTOU Race Condition by local means. Successful exploitation of this vulnerability may lead to execution of arbitrary code on the target device.

Deeper analysisAI

CVE-2024-42444 is a Time-of-Check Time-of-Use (TOCTOU) race condition vulnerability, classified as CWE-367, affecting the APTIOV BIOS firmware. Published on January 14, 2025, it carries a CVSS v3.1 base score of 7.5 (High), with vector AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H, indicating local access vector, high attack complexity, low privileges required, user interaction needed, changed scope, and high impacts across confidentiality, integrity, and availability.

A local attacker with low privileges can exploit this vulnerability through local means by inducing the TOCTOU race condition, though it demands high complexity and user interaction. Successful exploitation enables execution of arbitrary code on the target device.

American Megatrends has published security advisory AMI-SA-2025001, which details the vulnerability and associated mitigations, available at https://go.ami.com/hubfs/Security%20Advisories/2025/AMI-SA-2025001.pdf.

Details

CWE(s)
CWE-367

Affected Products

ami
aptio v
5.0 — 5.038

CVEs Like This One

CVE-2024-54084Same product: Ami Aptio V
CVE-2024-33659Same product: Ami Aptio V
CVE-2026-30332Shared CWE-367
CVE-2026-21240Shared CWE-367
CVE-2024-53028Shared CWE-367
CVE-2025-22224Shared CWE-367
CVE-2026-27750Shared CWE-367
CVE-2026-20816Shared CWE-367
CVE-2026-25052Shared CWE-367
CVE-2025-38352Shared CWE-367

References