CVE-2024-44722
Published: 20 March 2026
Summary
CVE-2024-44722 is a critical-severity Code Injection (CWE-94) vulnerability in Anolis Sysak. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The vulnerability ranks at the 39.2 percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2024-44722 is a critical command injection vulnerability (CWE-94) affecting SysAK versions v2.0 and earlier, with a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). The flaw enables arbitrary command execution through malicious input, such as "aaa;cat /etc/passwd", in this open-source system analysis and kernel troubleshooting tool developed by Anolis OS.
An unauthenticated attacker with network access can exploit the vulnerability with low complexity and no user interaction. Successful exploitation has high impact on confidentiality, integrity, and availability, allowing full compromise of affected systems, such as reading sensitive files or executing arbitrary code remotely.
Advisories and additional details are available at https://gist.github.com/0x00dream2/9984c109101c0b1e352f8ee9ad5e40fe#file-cve-2024-44722, while the SysAK project repository at https://gitee.com/anolis/sysak provides information on patches and updates for mitigation.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-55479
Vulnerability details
SysAK v2.0 and before is vulnerable to command execution via aaa;cat /etc/passwd.
Related Threats
MITRE ATT&CK Enterprise Techniques (AI)
Why these techniques?
Remote, unauthenticated command injection in the network-accessible SysAK tool directly enables exploitation of a public-facing application (T1190) and arbitrary command execution through a Unix shell (T1059.004).
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
- Directly mitigates CVE-2024-44722 by identifying, reporting, and correcting the command injection flaw through timely patching as available in the SysAK repository.
- Prevents arbitrary command execution by implementing input validation mechanisms at entry points to reject malicious payloads like 'aaa;cat /etc/passwd'.
- Reduces the impact of successful exploitation by enforcing least privilege on the SysAK tool, limiting privileges available for injected commands.
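
The input-validation mitigation above, as an added Python example (not SysAK code; this page does not show the affected code path). The `name` parameter, its allow-list, and the echoing stand-in process are assumptions. It rejects the advisory's payload at the entry point and shows that an argument passed as a single argv element, with no shell involved, stays a literal string.

```python
import re
import subprocess
import sys

# Constructed sample: the payload quoted in the advisory text.
PAYLOAD = "aaa;cat /etc/passwd"

# Assumed allow-list for a hypothetical "name" parameter: letters, digits,
# '_', '.', '-'; 1 to 64 characters; no leading '-' or '.' so the value
# cannot be parsed as an option or a dot-path.
SAFE_NAME = re.compile(r"[A-Za-z0-9_][A-Za-z0-9_.-]{0,63}")

# Stand-in for the real tool: a child process that echoes its one argument.
STAND_IN = [sys.executable, "-c", "import sys; sys.stdout.write(sys.argv[1])"]


def validate_name(value: str) -> str:
    """Return value unchanged if it matches the allow-list, else raise ValueError."""
    if not isinstance(value, str) or not SAFE_NAME.fullmatch(value):
        raise ValueError(f"rejected input: {value!r}")
    return value


def run_argv(value: str) -> str:
    """Pass value as one argv element; no shell ever parses it."""
    result = subprocess.run(STAND_IN + [value], shell=False, check=True,
                            capture_output=True, text=True, timeout=10)
    return result.stdout


def run_checked(value: str) -> str:
    """Entry point with both layers: validate first, then exec without a shell."""
    return run_argv(validate_name(value))


if __name__ == "__main__":
    print(run_checked("aaa"))        # accepted and passed through
    print(repr(run_argv(PAYLOAD)))   # arrives as a literal; ';' has no meaning
    try:
        run_checked(PAYLOAD)
    except ValueError as exc:
        print(exc)                   # rejected before any process is started
```

The two layers are independent: validation stops the payload at the entry point, and the argv form keeps any value that does get through from being interpreted as shell syntax.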