Cyber Resilience

CVE-2024-53407

Low | LPE

Published: 15 January 2025
Modified: 31 January 2025
KEV Added: (not listed)
Patch: (no entry)
CVSS Score v3.1: 3.3 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)
EPSS Score: 0.0492 (89.8th percentile)
Risk Priority: 10 (weighting 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-53407 is a low-severity Untrusted Search Path (CWE-426) vulnerability in the Phiewer macOS application (vendor: Phiewer). Its CVSS v3.1 base score is 3.3 (Low).

Operationally, exploitation aligns with the MITRE ATT&CK technique Dynamic-link Library Injection (T1055.001). The CVE ranks in the top 10.2% of CVEs by EPSS exploit likelihood (89.8th percentile) and is not currently listed in the CISA KEV catalog. Note that the CVSS vector is local with low privileges required (AV:L/PR:L): the attacker must already be able to run code or set environment variables as the user who launches Phiewer, and the injected dylib then runs with that user's privileges inside the Phiewer process; the scored impact is to integrity only (C:N/I:L/A:N).

Vulnerability details

In Phiewer 4.1.0, dylib injection leads to command execution: attackers can inject a dylib file, potentially leading to remote control and unauthorized access to sensitive user data.

CWE(s)

CWE-426 Untrusted Search Path

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1055.001 Dynamic-link Library Injection (Stealth)
Adversaries may inject dynamic-link libraries (DLLs) into processes in order to evade process-based defenses as well as possibly elevate privileges.
T1203 Exploitation for Client Execution (Execution)
Adversaries may exploit software vulnerabilities in client applications to execute code.
Why these techniques?

The vulnerability enables dylib injection via the DYLD_INSERT_LIBRARIES environment variable in the Phiewer macOS application (mapped to T1055.001: Dynamic-link Library Injection) and allows exploitation of the client application for code execution (T1203: Exploitation for Client Execution). One caveat on the mapping: T1055.001 describes DLL injection into an already-running process, whereas injection through the dynamic linker's environment variables at launch is catalogued more precisely under T1574.006 (Hijack Execution Flow: Dynamic Linker Hijacking), which explicitly covers DYLD_INSERT_LIBRARIES and LD_PRELOAD.
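The practical question for a triager is whether a given build of an app still honours DYLD_INSERT_LIBRARIES at all: dyld ignores the variable for binaries signed with the hardened runtime unless the developer opted out through entitlements. The script below is an added example, not code from the CVE record or from Phiewer, and it makes no claim about how Phiewer 4.1.0 is actually signed. It reads two pieces of code-signing metadata (the `flags=` line from `codesign -dvv` and the entitlements plist from `codesign -d --entitlements -`) and decides whether an attacker-supplied dylib could be loaded through the environment variable. The inputs are constructed sample strings so it runs offline; the function names and the sample values are the example's own.

```shell
#!/bin/sh
# Added example (not from the CVE record or from Phiewer): decide from
# code-signing metadata whether a macOS app honours DYLD_INSERT_LIBRARIES,
# the injection vector this CVE describes. On a real host the inputs come from:
#   codesign -dvv "/Applications/Foo.app" 2>&1          -> "flags=..." line
#   codesign -d --entitlements - "/Applications/Foo.app" -> entitlements XML
#     (prefix the path with ':' on older releases to strip the blob header)
# The samples below are constructed and do not describe any real product.

# entitlement_true KEY XML: exit 0 when KEY is present and set to <true/>.
entitlement_true() {
    printf '%s\n' "$2" | awk -v k="$1" '
        index($0, "<key>" k "</key>") { want = 1; next }
        want == 1 { val = (index($0, "<true/>") > 0); want = 2 }
        END { if (want == 2 && val) exit 0; exit 1 }'
}

# dyld_env_injectable FLAGS_LINE ENTITLEMENTS_XML
# Exit 0 when an attacker-supplied dylib can be loaded via DYLD_INSERT_LIBRARIES:
#  - no hardened runtime and no library validation: dyld honours the variable;
#  - hardened runtime: only if the app opted out with BOTH
#    com.apple.security.cs.allow-dyld-environment-variables (dyld keeps DYLD_*)
#    and com.apple.security.cs.disable-library-validation (a dylib that is
#    unsigned or signed by another team ID is accepted at load).
# Exit 1 otherwise. Not modelled: setuid binaries and __RESTRICT segments,
# which also make dyld drop DYLD_* variables.
dyld_env_injectable() {
    flags="$1"
    ents="$2"
    case "$flags" in
        *runtime*)
            entitlement_true com.apple.security.cs.allow-dyld-environment-variables "$ents" \
              && entitlement_true com.apple.security.cs.disable-library-validation "$ents"
            return $?
            ;;
        *library-validation*)
            return 1   # DYLD_* honoured, but a foreign dylib is rejected at load
            ;;
        *)
            return 0
            ;;
    esac
}

# Constructed sample inputs (not real codesign output for any product).
FLAGS_PLAIN='flags=0x0(none)'
FLAGS_HARDENED='flags=0x10000(runtime)'
ENTS_NONE='<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
</dict>
</plist>'
ENTS_OPTOUT='<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
	<key>com.apple.security.cs.allow-dyld-environment-variables</key>
	<true/>
	<key>com.apple.security.cs.disable-library-validation</key>
	<true/>
</dict>
</plist>'

# verdict FLAGS ENTS: one-word summary for use from the command line.
verdict() {
    if dyld_env_injectable "$1" "$2"; then echo injectable; else echo protected; fi
}

verdict "$FLAGS_PLAIN" "$ENTS_NONE"        # injectable
verdict "$FLAGS_HARDENED" "$ENTS_NONE"     # protected
verdict "$FLAGS_HARDENED" "$ENTS_OPTOUT"   # injectable
```

An app that reports `protected` here is not necessarily free of the underlying CWE-426 weakness (dylib search-path hijacking of an @rpath or relative load path needs a separate check with `otool -l`), but it is not reachable through the DYLD_INSERT_LIBRARIES route the mapping above describes.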

Affected Assets

Vendor: phiewer
Product: phiewer
Version: 4.1.0

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.
