Cyber Posture

CVE-2024-52870

Severity: High
Published: 17 January 2025
Modified: 15 April 2026
KEV Added: not listed
Patch: (not recorded)
CVSS Score: 7.1 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N)
EPSS Score: 0.0008 (23.3rd percentile)
Risk Priority: 14 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-52870 is a high-severity Missing Initialization of Resource (CWE-909) vulnerability in Chrismanson (inferred from references). Its CVSS base score is 7.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Ingress Tool Transfer (T1105). The CVE is ranked at the 23.3rd percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-4 (Information Flow Enforcement) and CM-7 (Least Functionality).

Threat & Defense at a Glance

What attackers do: exploitation maps to Ingress Tool Transfer (T1105) and two other techniques. What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5) (AI-generated)

prevent

Directly addresses the CVE by requiring identification, reporting, and correction of flaws like unintended Chromium Developer Tools functionality via timely patching.

prevent

Ensures the Teradata Vantage Editor provides only the essential capabilities for SQL access and for reaching docs.teradata.com, prohibiting unintended features such as Developer Tools.

prevent

Enforces information flow control policies restricting the application's outbound connections to only authorized destinations, blocking access to arbitrary remote websites.
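As an added illustration of the AC-4 and CM-7 controls above (this is not code from the advisory, Teradata, or the referenced analysis): a fail-closed navigation allowlist for an embedded-Chromium client that should reach only docs.teradata.com, the host named in the NVD description. The allowlist contents and function names are assumptions, and wiring the check into the host application's navigation hook depends on the embedding framework, which the page does not identify.

```javascript
// Added example, not from the advisory or Teradata: a fail-closed navigation
// allowlist for an embedded-Chromium client that should only reach
// docs.teradata.com (host taken from the NVD description). The allowlist
// contents and function names are assumptions for illustration.

const ALLOWED_HOSTS = new Set(['docs.teradata.com']);

// Returns true only if `rawUrl` is an https URL whose host is exactly on the
// allowlist. Anything unparsable, non-https, carrying credentials, or using a
// non-default port is denied, so the check fails closed.
function isNavigationAllowed(rawUrl, allowedHosts = ALLOWED_HOSTS) {
  let url;
  try {
    url = new URL(String(rawUrl));
  } catch (e) {
    return false;                 // relative or malformed URL: deny
  }
  // Only https; this also rejects javascript:, data:, file: and other
  // non-web schemes that an exposed DevTools surface could otherwise reach.
  if (url.protocol !== 'https:') return false;
  // Credentials in the authority (https://docs.teradata.com@other.example/)
  // make a URL look allowlisted while its actual host is elsewhere.
  if (url.username !== '' || url.password !== '') return false;
  // Non-default ports are not part of the intended service.
  if (url.port !== '') return false;
  // url.hostname is lower-cased and IDNA-normalised by the parser and is
  // compared whole, so 'docs.teradata.com.other.example' does not match.
  return allowedHosts.has(url.hostname);
}

// Decision wrapper that emits the denial event a SOC would want logged.
// Returns the decision so callers can act on it.
function evaluateNavigation(rawUrl, log = (line) => console.log(line)) {
  const allowed = isNavigationAllowed(rawUrl);
  if (!allowed) {
    log(JSON.stringify({ event: 'navigation_denied', url: String(rawUrl) }));
  }
  return allowed;
}
```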

MITRE ATT&CK Enterprise Techniques (AI-generated)

T1105 Ingress Tool Transfer (Command and Control): Adversaries may transfer tools or other files from an external system into a compromised environment.

T1567 Exfiltration Over Web Service (Exfiltration): Adversaries may use an existing, legitimate external Web service to exfiltrate data rather than their primary command and control channel.

T1204.002 Malicious File (Execution): An adversary may rely upon a user opening a malicious file in order to gain execution.

Why these techniques?

The vulnerability exposes developer tools in a client application, which directly enables ingress of remote content or tools and exfiltration over web protocols once a user triggers the exposed functionality.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

NVD Description

Teradata Vantage Editor 1.0.1 is mostly intended for SQL database access and docs.teradata.com access, but provides unintended functionality (including Chromium Developer Tools) that can result in a client user accessing arbitrary remote websites.

Deeper analysis (AI-generated)

CVE-2024-52870 is a vulnerability in Teradata Vantage Editor 1.0.1, a client application intended primarily for SQL database access and navigation to docs.teradata.com. The flaw stems from unintended functionality embedded in the software, including Chromium Developer Tools, which allows a client user to bypass restrictions and access arbitrary remote websites. Classified under CWE-909, it carries a CVSS v3.1 base score of 7.1 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N) and was published on 2025-01-17T20:15:28.527.

The attack requires local access to the affected system, low attack complexity, and no privileges, though user interaction is necessary. A local attacker could exploit this by tricking a victim into invoking the exposed Developer Tools or related features within the Vantage Editor. Successful exploitation enables high confidentiality and integrity impacts, such as unauthorized data exposure or manipulation via access to external sites.

Mitigation guidance is available through vendor advisories. Security practitioners should consult Teradata's trust and security center at https://www.teradata.com/trust-security-center/data-security and the detailed analysis at https://chrismanson.com/CVE/cve-2024-52870.html for patches, workarounds, or upgrade recommendations.

Details

CWE(s)

Affected Products

Chrismanson
inferred from references and description; NVD did not file a CPE for this CVE

CVEs Like This One

CVE-2026-40687 (shared CWE-909)

References