Cyber Posture

CVE-2024-57174

High

Published: 05 March 2025

Published
05 March 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS Score 0.0026 49.3th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-57174 is a high-severity an unspecified weakness vulnerability in Medium (inferred from references). Its CVSS base score is 8.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Domains (T1583.001); ranked at the 49.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 CM-6 (Configuration Settings) and SC-22 (Architecture and Provisioning for Name/Address Resolution Service).

Threat & Defense at a Glance

What attackers do: exploitation maps to Domains (T1583.001). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

CM-6 Configuration Settings good match
prevent

Enforces establishment and documentation of secure configuration settings for system components like firmware DNS suffixes, directly preventing use of unclaimed domains.

SC-22 Architecture and Provisioning for Name/Address Resolution Service good match
prevent

Requires secure architecture and provisioning for name/address resolution services, preventing reliance on registrable domains as default DNS suffixes.

SI-2 Flaw Remediation good match
prevent

Mandates identification, prioritization, and remediation of flaws such as the misconfigured DNS suffix in the Alphion firmware.

MITRE ATT&CK Enterprise TechniquesAI

T1583.001 Domains Resource Development
Adversaries may acquire domains that can be used during targeting.
attack.mitre.org →
Why these techniques?

The misconfiguration exposes an unclaimed domain as the default DNS suffix, directly enabling attackers to register it and control wildcard DNS resolution for hijacking purposes.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

NVD Description

A misconfiguration in Alphion ASEE-1443 Firmware v0.4.H.00.02.15 defines a previously unregistered domain name as the default DNS suffix. This allows attackers to register the unclaimed domain and point its wildcard DNS entry to an attacker-controlled IP address, making it possible…

more

to access sensitive information.

Deeper analysisAI

CVE-2024-57174 is a misconfiguration vulnerability in Alphion ASEE-1443 Firmware version 0.4.H.00.02.15, where a previously unregistered domain name is defined as the default DNS suffix. This flaw affects Alphion routers running this specific firmware, enabling potential domain hijacking due to the unclaimed nature of the domain.

Attackers with low privileges (PR:L) and network access (AV:N) can exploit this vulnerability with low complexity (AC:L) and no user interaction (UI:N). By registering the unclaimed domain and configuring its wildcard DNS entry to point to an attacker-controlled IP address, they can achieve high confidentiality (C:H) and integrity (I:H) impacts, such as accessing sensitive information, while availability remains unaffected (A:N). The CVSS v3.1 base score is 8.1.

Advisories and additional details are available in the provided references, including a Medium article on internal domain names and a GitHub repository from BSides SG 2022 documenting the Alphion routers finding. No specific patch or mitigation steps are detailed in the core CVE information.

Details

CWE(s)
None listed

Affected Products

Medium
inferred from references and description; NVD did not file a CPE for this CVE

References