Cyber Posture

CVE-2024-57061

CriticalRCE

Published: 19 March 2025

Published
19 March 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0051 66.5th percentile
Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-57061 is a critical-severity Code Injection (CWE-94) vulnerability in Medium (inferred from references). Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked in the top 33.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 CM-6 (Configuration Settings) and PE-3 (Physical Access Control).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Client Execution (T1203). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

CM-6 Configuration Settings good match
prevent

Enforces secure configuration settings for Electron Fuses in Termius to prevent arbitrary code injection by blocking insecure configurations.

SI-2 Flaw Remediation good match
prevent

Requires timely remediation of the known flaw in Termius versions 9.9.0-9.16.0 through patching or upgrades to eliminate the code injection vulnerability.

PE-3 Physical Access Control good match
prevent

Implements physical access controls to block physically proximate attackers from exploiting the insecure Electron Fuses configuration on target systems.

MITRE ATT&CK Enterprise TechniquesAI

T1203 Exploitation for Client Execution Execution
Adversaries may exploit software vulnerabilities in client applications to execute code.
attack.mitre.org →
Why these techniques?

The code injection vulnerability in the Termius Electron client application directly enables arbitrary code execution on the target system, mapping to exploitation for client execution.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

NVD Description

An issue in Termius Version 9.9.0 through v.9.16.0 allows a physically proximate attacker to execute arbitrary code via the insecure Electron Fuses configuration.

Deeper analysisAI

CVE-2024-57061 is a code injection vulnerability (CWE-94) affecting Termius versions 9.9.0 through 9.16.0, stemming from an insecure Electron Fuses configuration. This flaw enables arbitrary code execution within the Termius application, which is built using the Electron framework. The vulnerability received a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), highlighting its critical severity due to high confidentiality, integrity, and availability impacts.

A physically proximate attacker can exploit this vulnerability to execute arbitrary code on the target system running the affected Termius versions. Despite the CVSS vector indicating network accessibility without privileges or user interaction, the core issue requires physical proximity to leverage the misconfigured Electron Fuses for injection.

References detail exploitation techniques for Electron applications on macOS, a limited disclosure on the insufficient fuses in Termius, and official Electron documentation on implementing fuses for mitigation. These resources emphasize securing Electron Fuses configuration to prevent such code injection attacks, though no specific patches from Termius are referenced.

Details

CWE(s)
CWE-94

Affected Products

Medium
inferred from references and description; NVD did not file a CPE for this CVE

CVEs Like This One

CVE-2026-0500Shared CWE-94
CVE-2026-21853Shared CWE-94
CVE-2024-56448Shared CWE-94
CVE-2025-25467Shared CWE-94
CVE-2025-27678Shared CWE-94
CVE-2025-61732Shared CWE-94
CVE-2026-35197Shared CWE-94
CVE-2026-34060Shared CWE-94
CVE-2025-59041Shared CWE-94
CVE-2026-40322Shared CWE-94

References