Cyber Resilience

CVE-2024-53320

Critical

Published: 31 January 2025

Modified: 15 April 2026
CVSS Score v3.1: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0050 (66.4th percentile)
Risk Priority: 20 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-53320 is a critical-severity Classic Buffer Overflow (CWE-120) vulnerability. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 33.6% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2024-53320 is a critical vulnerability in the Qualisys C++ SDK at commit a32a21a, involving multiple stack buffer overflows triggered via the GetCurrentFrame, SaveCapture, and LoadProject functions. Classified under CWE-120, it carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), highlighting its severe potential impact.

The vulnerability enables remote exploitation over the network with low complexity, requiring no privileges or user interaction. Attackers can achieve high impacts on confidentiality, integrity, and availability, potentially leading to arbitrary code execution or system crashes on affected systems integrating the vulnerable SDK.

Mitigation details are documented in the GitHub issue at https://github.com/qualisys/qualisys_cpp_sdk/issues/47. Security practitioners should review this reference for patches or workarounds specific to the SDK.

Vulnerability details

Qualisys C++ SDK commit a32a21a was discovered to contain multiple stack buffer overflows via the GetCurrentFrame, SaveCapture, and LoadProject functions.

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1190 Exploit Public-Facing Application (Tactic: Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Stack buffer overflow (CWE-120) in network-reachable SDK functions directly enables remote arbitrary code execution without auth or user interaction, mapping to exploitation of public-facing applications.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2021-47854 (Shared CWE-120)
CVE-2024-39803 (Shared CWE-120)
CVE-2024-37184 (Shared CWE-120)
CVE-2025-66647 (Shared CWE-120)
CVE-2024-39750 (Shared CWE-120)
CVE-2025-52909 (Shared CWE-120)
CVE-2025-50398 (Shared CWE-120)
CVE-2025-25674 (Shared CWE-120)
CVE-2022-50922 (Shared CWE-120)
CVE-2024-57471 (Shared CWE-120)

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) (AI)

prevent

SI-2 requires identifying, reporting, and correcting system flaws like this stack buffer overflow, directly enabling patching to the fixed SDK commit or applying documented workarounds.

prevent

SI-16 implements memory protections such as stack canaries, ASLR, and DEP that directly mitigate stack buffer overflow exploitation leading to arbitrary code execution.

prevent

SI-10 enforces validation of inputs to vulnerable SDK functions like GetCurrentFrame, SaveCapture, and LoadProject to prevent malformed data from triggering overflows.
