
CVE-2024-57395

Severity: Critical
Published: 29 January 2025
Modified: 15 April 2026
KEV Added: not listed
Patch: none referenced
CVSS Score v3.1: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0332 (87.5th percentile)
Risk Priority: 22 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-57395 is a critical-severity Insufficiently Protected Credentials (CWE-522) vulnerability in Hzzcka (inferred from references). Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked in the top 12.5% of CVEs by exploit likelihood, and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 IA-5 (Authenticator Management) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2024-57395 is a password vulnerability, tracked under CWE-522, that affects the Safety production process management system version 1.0. The flaw resides in the password and account number parameters and carries a CVSS 3.1 score of 9.8, reflecting network-accessible exploitation with no required authentication or user interaction that can result in privilege escalation, arbitrary code execution, and disclosure of sensitive information.

A remote attacker can supply crafted values to the affected parameters to escalate privileges, run arbitrary code, and retrieve sensitive data from the system.

The EPSS score for this CVE rose from a low baseline to a peak of 0.0551 on 2026-03-09 before receding to the current value of 0.0332, indicating that exploitation interest emerged after public disclosure. The two referenced URLs point to the vendor site and a GitHub proof-of-concept description but contain no published mitigation guidance or patch details.


Vulnerability details

Password Vulnerability in Safety production process management system v1.0 allows a remote attacker to escalate privileges, execute arbitrary code and obtain sensitive information via the password and account number parameters.

CWE(s)

CWE-522 Insufficiently Protected Credentials

Related Threats

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1068 Exploitation for Privilege Escalation (Privilege Escalation): Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Unauthenticated remote exploitation of a public-facing application (CWE-522) directly enables T1190 for initial access and T1068 for the resulting privilege escalation and remote code execution.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-35155 (shared CWE-522)
CVE-2026-23958 (shared CWE-522)
CVE-2026-35467 (shared CWE-522)
CVE-2026-32171 (shared CWE-522)
CVE-2024-23733 (shared CWE-522)
CVE-2024-41770 (shared CWE-522)
CVE-2025-0867 (shared CWE-522)
CVE-2024-41771 (shared CWE-522)
CVE-2025-27648 (shared CWE-522)
CVE-2025-36568 (shared CWE-522)

Affected Assets

Hzzcka (inferred from references and description; NVD did not file a CPE for this CVE)

Mitigating Controls (NIST 800-53 r5)

Prevent: IA-5 mandates secure management and protection of authenticators like passwords, directly countering CWE-522 insufficiently protected credentials exploited via password and account parameters.

Prevent: SI-10 requires validation of information inputs, preventing remote exploitation of password and account number parameters for privilege escalation, RCE, and data exfiltration.

Prevent: SI-2 ensures identification, reporting, and timely remediation of flaws like this critical password vulnerability in Safety production process management system v1.0.
