Cyber Resilience

CVE-2024-55511

Severity: High
Published: 16 January 2025
Modified: 15 April 2026
KEV Added: not listed
Patch: available (version 8.1.8017)
CVSS Score (v3.1): 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0083 (75.0th percentile)
Risk Priority: 16 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-55511 is a high-severity NULL Pointer Dereference (CWE-476) vulnerability in Macrium Reflect (inferred from references). Its CVSS base score is 7.8 (High).

Operationally, exploitation maps to the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks in the top 25.0% of CVEs by exploit likelihood (EPSS), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 CM-11 (User-installed Software) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2024-55511 is a null pointer dereference vulnerability (CWE-476) in Macrium Reflect versions prior to 8.1.8017. Published on 2025-01-16, it carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). The flaw arises from improper handling of a null pointer when executing a specially crafted executable.

A local attacker with low privileges can exploit this vulnerability by running the crafted executable on a vulnerable system. Exploitation requires no user interaction beyond running the executable and has low attack complexity; it can lead to a denial of service through a system crash or to privilege escalation, with high impact on confidentiality, integrity, and availability.

Macrium Reflect addresses this issue in version 8.1.8017, as detailed in the vendor's update notes at https://updates.macrium.com/reflect/v8/v8.1.8017/details8.1.8017.htm. Further technical analysis and resources are available at https://github.com/nikosecurity/CVE-2024-55511.

Vulnerability details

A null pointer dereference vulnerability in Macrium Reflect prior to 8.1.8017 allows a local attacker to cause a system crash or potentially elevate their privileges via executing a specially crafted executable.

CWE(s)

CWE-476 NULL Pointer Dereference

Related Threats

MITRE ATT&CK Enterprise Techniques (AI-assigned)

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

A null pointer dereference in locally installed software lets a specially crafted executable trigger privilege escalation (or a denial of service).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-31453 (shared CWE-476)
CVE-2025-21084 (shared CWE-476)
CVE-2026-25165 (shared CWE-476)
CVE-2026-24293 (shared CWE-476)
CVE-2024-57925 (shared CWE-476)
CVE-2024-53024 (shared CWE-476)
CVE-2026-31436 (shared CWE-476)
CVE-2024-57798 (shared CWE-476)
CVE-2026-23198 (shared CWE-476)
CVE-2026-31404 (shared CWE-476)

Affected Assets

Vendor: Macrium
Product: Reflect
(Inferred from references and description; NVD did not file a CPE for this CVE.)

Mitigating Controls

Mitigating Controls (NIST 800-53 r5, AI-assigned)

SI-2 Flaw Remediation (prevent)

Directly mitigates the null pointer dereference vulnerability by requiring timely flaw remediation: patch Macrium Reflect to version 8.1.8017 or later.

CM-11 User-installed Software (prevent)

Prevents local low-privilege attackers from executing specially crafted executables by prohibiting and controlling user-installed software.

Malicious code protection (prevent, detect)

Anti-malware mechanisms scan for, detect, and block execution of malicious crafted executables designed to trigger the null pointer dereference.
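The SI-2 control above reduces to one concrete check: is every Macrium Reflect install at 8.1.8017 or later? The script below is an added example (not code from the page, from Macrium, or from any inventory tool) that triages a software inventory export against that fixed version. The CSV layout (host, product, version) and the inventory rows are constructed for illustration; it treats a missing or unparseable version as "verify manually" rather than as patched, and it accepts a leading "v" prefix, which some inventory agents emit.

```python
"""Flag Macrium Reflect installs older than the fixed version 8.1.8017.

Added example, not the page's or Macrium's own code. The inventory below is
constructed; the "host,product,version" CSV layout is an assumption, not the
output format of any particular tool.
"""
import csv
import io
from typing import List, Tuple

# First fixed version named in the advisory.
FIXED_VERSION = "8.1.8017"

# Constructed sample inventory (host, product, version).
SAMPLE_INVENTORY = """host,product,version
ws-001,Macrium Reflect,8.1.7909
ws-002,Macrium Reflect,8.1.8017
ws-003,Macrium Reflect,8.1.8200
ws-004,Macrium Reflect,8.0.7783
ws-005,Macrium Reflect,v8.1.8017
ws-006,Other Backup Tool,3.2.1
ws-007,Macrium Reflect,unknown
"""


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '8.1.8017' (or 'v8.1.8017') into a tuple of ints for comparison.

    Raises ValueError on anything that is not dotted integers so that a
    missing or garbled version is reported, never silently treated as patched.
    """
    cleaned = text.strip().lstrip("vV")
    parts = cleaned.split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(p) for p in parts)


def is_vulnerable(version: str, fixed: str = FIXED_VERSION) -> bool:
    """True if `version` is strictly older than the fixed release."""
    return parse_version(version) < parse_version(fixed)


def triage(inventory_csv: str) -> Tuple[List[str], List[str]]:
    """Split Macrium Reflect hosts into (needs_patch, version_unresolved).

    Hosts running other products are ignored; hosts whose version cannot be
    parsed go to the unresolved list for manual follow-up.
    """
    vulnerable: List[str] = []
    unresolved: List[str] = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        if row["product"].strip().lower() != "macrium reflect":
            continue
        try:
            if is_vulnerable(row["version"]):
                vulnerable.append(row["host"])
        except ValueError:
            unresolved.append(row["host"])
    return vulnerable, unresolved


if __name__ == "__main__":
    needs_patch, unknown = triage(SAMPLE_INVENTORY)
    print("needs patch to >= 8.1.8017:", needs_patch)
    print("version unknown, verify manually:", unknown)
```

Python compares tuples element by element, so `(8, 1, 7909) < (8, 1, 8017)` holds while `(8, 1, 8200)` does not; a shorter tuple such as `(8, 1)` also sorts before `(8, 1, 8017)`, which is the conservative outcome for a truncated version string. Feed the function your own inventory export after mapping its column names onto `host`, `product` and `version`.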