Cyber Resilience

CVE-2024-56084

High

Published: 16 December 2024

Modified: 20 June 2025
KEV Added
Patch
CVSS Score v3.1: 7.1 (CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0501 (89.9th percentile)
Risk Priority: 17 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-56084 is a high-severity Command Injection (CWE-77) vulnerability in Logpoint Universal Normalizer. Its CVSS base score is 7.1 (High).

Operationally, it ranks in the top 10.1% of CVEs by exploit likelihood (EPSS), and it is not currently listed in the CISA KEV catalog.

Deeper analysis

CVE-2024-56084 affects Logpoint UniversalNormalizer versions prior to 5.7.0. The flaw stems from insufficient input validation during creation of a Universal Normalizer, allowing command injection (CWE-77) that results in remote code execution when the supplied payload is processed.

An authenticated user with low privileges can exploit the issue over an adjacent network. Successful injection grants the attacker the ability to execute arbitrary commands on the affected system, potentially achieving full control over confidentiality, integrity, and availability of the host.

The vendor advisory at servicedesk.logpoint.com recommends upgrading to UniversalNormalizer 5.7.0 or later to address the vulnerability.

EPSS remains flat at 0.0501 with no material increase since disclosure.

Vulnerability details

An issue was discovered in Logpoint UniversalNormalizer before 5.7.0. Authenticated users can inject payloads while creating Universal Normalizer. These are executed, leading to Remote Code Execution.

CWE(s)

CWE-77 (Command Injection)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

logpoint
universal normalizer
≤ 5.7.0

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.
