CVE-2024-46464
Published: 09 January 2025
Summary
CVE-2024-46464 is a high-severity Incorrect Default Permissions (CWE-276) vulnerability in PRIMX ZED Enterprise (product inferred from references). Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). It is ranked at the 32.3rd percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).
Deeper analysis
CVE-2024-46464 affects PRIMX ZED Enterprise versions up to 2024.3. The vulnerability stems from technical files stored in local folders that have common user access, allowing these files to be manipulated. This issue is classified under CWE-276 (Incorrect Default Permissions) and carries a CVSS v3.1 base score of 7.8 (High), with vector AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:H, indicating local access required, high attack complexity, no privileges or user interaction needed, changed scope, high confidentiality and availability impacts, and no integrity impact.
A local attacker can exploit this vulnerability by manipulating the accessible technical files, potentially rendering the host computer unavailable (denial of service) or executing arbitrary programs with elevated privileges. The attack requires no prior privileges (PR:N) but carries high attack complexity (AC:H); any unprivileged local user who can reach the shared folders is a potential attacker.
For mitigation details, refer to the vendor's security bulletin at https://www.primx.eu/en/bulletins/security-bulletin-24931935/.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-42191
Vulnerability details
In PRIMX ZED Enterprise up to 2024.3, technical files stored in local folders with common user access can be manipulated to render the host computer unavailable or to execute programs with an elevation of privilege.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Weak default file permissions (CWE-276) on local technical files directly enable local unprivileged attackers to manipulate them for arbitrary code execution with elevated privileges, matching Exploitation for Privilege Escalation.
Mitigating Controls (NIST 800-53 r5)
- AC-6 (Least Privilege): enforces least privilege to restrict unprivileged local users from accessing or manipulating technical files in shared folders, preventing DoS or privilege escalation.
- AC-3 (Access Enforcement): implements access enforcement mechanisms such as file ACLs to block unauthorized modifications to technical files with common user access, directly countering CWE-276.
- Requires secure baseline configuration settings for file and folder permissions in PRIMX ZED Enterprise, mitigating the overly permissive defaults exploited for host unavailability or elevated execution.
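The controls above come down to one check a defender can run on any host: find technical files and folders that users other than the owner can modify, and remove that write access. The following audit script is an added example written for this page; it is not PRIMX's tooling, not the fix described in the vendor bulletin, and not specific to ZED Enterprise. It uses POSIX mode bits (group/world write) as a generic stand-in for the CWE-276 check; on Windows, where the product runs, the equivalent inspection is of the NTFS ACLs (for example with `icacls` or `Get-Acl`), which `os.stat` does not expose. The directory layout it audits (`shared/config.dat`, `private/keys.bin`) is constructed in a temporary directory for the demonstration.

```python
import os
import shutil
import stat
import tempfile
from pathlib import Path

# Mode bits that let anyone other than the owner modify a file or directory.
# A technical file with either bit set is the CWE-276 condition this page describes.
BROAD_WRITE = stat.S_IWGRP | stat.S_IWOTH


def find_broadly_writable(root):
    """Return paths (relative to root) whose mode grants group or world write.

    Directories are included: a world-writable folder lets a local user
    replace or add technical files even when the files themselves are locked down.
    Symlinks are skipped so a link pointing outside root is not reported twice.
    NOTE: on Windows st_mode does not reflect NTFS ACLs; audit ACLs there instead.
    """
    findings = []
    root = Path(root)
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            p = Path(dirpath) / name
            if p.is_symlink():
                continue
            if p.stat().st_mode & BROAD_WRITE:
                findings.append(str(p.relative_to(root)))
    return sorted(findings)


def harden(root):
    """Strip group/world write bits from every finding; return the paths changed.

    This is the AC-3/AC-6 remediation in its simplest form: owner keeps control,
    every other local account loses the ability to modify the file or folder.
    """
    changed = []
    for rel in find_broadly_writable(root):
        p = Path(root) / rel
        mode = stat.S_IMODE(p.stat().st_mode)
        os.chmod(p, mode & ~BROAD_WRITE)
        changed.append(rel)
    return changed


def build_fixture():
    """Create a constructed sample layout in a temp dir (assumed names, not the product's).

    shared/config.dat  - deliberately left with the permissive default (0o666 in a 0o777 folder)
    private/keys.bin   - already restricted to the owner (0o600 in a 0o700 folder)
    """
    root = Path(tempfile.mkdtemp(prefix="perm-audit-"))
    shared = root / "shared"
    shared.mkdir()
    (shared / "config.dat").write_text("constructed sample technical file\n")
    os.chmod(shared, 0o777)                 # explicit chmod so the umask cannot mask the flaw
    os.chmod(shared / "config.dat", 0o666)
    private = root / "private"
    private.mkdir(mode=0o700)
    (private / "keys.bin").write_bytes(b"\x00" * 16)
    os.chmod(private / "keys.bin", 0o600)
    return str(root)


def remove_fixture(root):
    """Delete the constructed layout."""
    shutil.rmtree(root, ignore_errors=True)


if __name__ == "__main__":
    root = build_fixture()
    print("broadly writable before:", find_broadly_writable(root))
    print("hardened:               ", harden(root))
    print("broadly writable after: ", find_broadly_writable(root))
    remove_fixture(root)
```

Run against a real installation directory instead of the fixture, the first call is the detection step (anything it lists is a candidate for the manipulation this CVE describes), and the second is the mitigation; in production, review the list before hardening, since a service that legitimately writes to a folder as a different account needs a specific ACL entry rather than a blanket removal of write access.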