Cyber Resilience

CVE-2024-57490

Severity: High
Published: 21 March 2025
Modified: 01 April 2025
KEV Added: not listed (not currently in the CISA KEV catalog)
CVSS v3.1 base score: 7.7 (vector CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L)
EPSS score: 0.0003 (9.7th percentile)
Risk priority: 15 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-57490 is a high-severity Improper Authentication (CWE-287) vulnerability in iOffice20 (vendor: iOffice). Its CVSS v3.1 base score is 7.7 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). EPSS ranks it at the 9.7th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 IA-2 (Identification and Authentication (Organizational Users)) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2024-57490 is an improper authentication vulnerability (CWE-287) in iOffice20, software from Guangzhou Hongfan Technology Co., LTD. Published on 2025-03-21 with a CVSS v3.1 base score of 7.7 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L), it stems from a logical flaw in the login process that allows access to any user account, including the system administrator, without valid credentials.

The vulnerability is exploitable by a remote attacker with network access and requires no privileges or user interaction, although the CVSS vector rates attack complexity as high. Successful exploitation grants full login access to arbitrary accounts, enabling high-impact confidentiality and integrity violations (data exfiltration, privilege escalation, system modification) with only low availability disruption.

Advisories and additional details are referenced at https://gist.github.com/NaliangzzZ/44bfcc1d9c2cf275d2b6683ca9e20980 and https://www.ioffice.cn.

Vulnerability details

Guangzhou Hongfan Technology Co., LTD. iOffice20 has any user login vulnerability. An attacker can log in to any system account including the system administrator through a logical flaw.

CWE(s)

CWE-287 Improper Authentication

Related Threats

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (tactic: Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

Why these techniques?

The improper authentication vulnerability in a network-accessible application directly enables remote exploitation of a public-facing app for initial access (T1190) and exploitation of the software flaw to gain administrator privileges (T1068).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-22594 (shared CWE-287)
CVE-2025-60772 (shared CWE-287)
CVE-2026-33898 (shared CWE-287)
CVE-2026-0405 (shared CWE-287)
CVE-2025-67158 (shared CWE-287)
CVE-2025-56333 (shared CWE-287)
CVE-2026-33665 (shared CWE-287)
CVE-2024-13528 (shared CWE-287)
CVE-2025-71279 (shared CWE-287)
CVE-2024-13804 (shared CWE-287)

Affected Assets

Vendor: ioffice
Product: ioffice20
Versions: all versions

Mitigating Controls (NIST 800-53 r5)

IA-2 Identification and Authentication (Organizational Users), prevent:
Mandates unique identification and authentication for organizational users, directly countering the logical flaw that enables unauthorized login to any account, including administrator, without credentials.

SI-2 Flaw Remediation, prevent:
Requires timely identification, reporting, and remediation of flaws such as the improper authentication vulnerability in iOffice20, eliminating the exploit path.

Access enforcement, prevent:
Enforces approved access authorizations after authentication, providing a secondary barrier against unauthorized access granted by the authentication bypass.
