Cyber Resilience

CVE-2024-57778

High

Published: 14 February 2025
Modified: 15 April 2026
CVSS v3.1 score: 8.8 (High), vector CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS score: 0.1138 (93.7th percentile)
Risk priority: 24 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-57778 is a high-severity Improper Privilege Management (CWE-269) vulnerability with a CVSS v3.1 base score of 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). Its EPSS score of 0.1138 (93.7th percentile) places it in the top 6.3% of CVEs by predicted exploitation likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).

Deeper analysis

CVE-2024-57778 is an improper privilege management vulnerability, tracked under CWE-269, that affects the Orbe ONetView Roeador Onet-1200 running firmware version 1680210096. The privilege decision depends on the HTTP status code of a server response: an attacker who alters that response so that the expected 500 becomes a 200 is treated as privileged. It carries a CVSS 3.1 base score of 8.8 with an attack vector of adjacent network, low attack complexity, and no required authentication or user interaction. Note that the CVE text says "remote attacker" while the CVSS vector is AV:A, so the attacker is assumed to sit on the same network segment as the device.

An unauthenticated attacker positioned on an adjacent network can exploit the condition to obtain elevated privileges, resulting in full compromise of confidentiality, integrity, and availability on the affected device. The attack relies solely on manipulating the status code the device's response handling sees during an otherwise routine interaction; no credentials, memory corruption, or user interaction are involved.
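As an added illustration, constructed for this page and not taken from the Onet-1200 firmware or from the GitHub reference, the Python below models a front end that decides privilege from the status code of the login response, the in-path rewrite of a 500 into a 200 that defeats it, and a server-side check that re-derives the role from a signed session on every privileged request instead of trusting what the client saw. The account, the session store, the cookie format and every function name are assumptions made for the example; only the "500 on failure, 200 on success" shape comes from the CVE description.

```python
"""Constructed model of an authorization decision keyed off an HTTP status
code, the 500->200 rewrite that subverts it, and a server-side fix.
Not the Onet-1200 firmware; all names and state are assumptions."""
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field


@dataclass
class Response:
    status: int
    headers: dict = field(default_factory=dict)
    body: str = ""


# Constructed demo state: one admin account and a server-side session table.
USERS = {"admin": "correct horse battery staple"}
SERVER_KEY = secrets.token_bytes(32)   # HMAC key that never leaves the server
SESSIONS = {}                          # session id -> role, server side only


def sign(session_id: str) -> str:
    """HMAC-SHA256 over the session id so a client cannot mint its own."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def login(username: str, password: str) -> Response:
    """Authentication endpoint: 200 plus a signed cookie on success,
    500 on failure (the CVE text describes a 500 for the failure case)."""
    expected = USERS.get(username, "").encode()
    if not hmac.compare_digest(expected, password.encode()):
        return Response(500, body="auth failed")
    sid = secrets.token_hex(16)
    SESSIONS[sid] = "admin"
    return Response(200, {"Set-Cookie": f"sid={sid}; sig={sign(sid)}"}, "ok")


# --- vulnerable pattern: privilege inferred from the status code -----------
def client_is_admin(login_resp: Response) -> bool:
    """Front-end logic that treats any 200 from /login as 'authorized'."""
    return login_resp.status == 200


def admin_action_vulnerable(is_admin: bool) -> Response:
    """Privileged endpoint that trusts the client's conclusion."""
    if not is_admin:
        return Response(403, body="forbidden")
    return Response(200, body="config exported")


def tamper_in_path(resp: Response) -> Response:
    """Attacker on the same LAN rewrites the status line of the failed login."""
    return Response(200, resp.headers, resp.body)


# --- hardened pattern: privilege re-derived server side on every request ---
def parse_cookie(header: str) -> tuple:
    parts = dict(p.strip().split("=", 1) for p in header.split(";") if "=" in p)
    return parts.get("sid", ""), parts.get("sig", "")


def admin_action_hardened(cookie: str) -> Response:
    """Ignores whatever status the client saw; checks the signed session
    against server-side state (AC-3 access enforcement in code form)."""
    sid, sig = parse_cookie(cookie)
    if not sid or not hmac.compare_digest(sig, sign(sid)):
        return Response(403, body="forbidden")
    if SESSIONS.get(sid) != "admin":
        return Response(403, body="forbidden")
    return Response(200, body="config exported")


def run_attack() -> dict:
    """Outcome of the 500->200 rewrite against both designs."""
    failed = login("admin", "wrong")
    forged = tamper_in_path(failed)
    vuln = admin_action_vulnerable(client_is_admin(forged))
    hard = admin_action_hardened(forged.headers.get("Set-Cookie", ""))
    return {"login_status": failed.status, "forged_status": forged.status,
            "vulnerable": vuln.status, "hardened": hard.status}


def run_legit() -> dict:
    """A genuine login still works against the hardened endpoint."""
    ok = login("admin", "correct horse battery staple")
    return {"login_status": ok.status,
            "hardened": admin_action_hardened(ok.headers["Set-Cookie"]).status}


if __name__ == "__main__":
    print(run_attack())   # vulnerable path returns 200, hardened path 403
    print(run_legit())
```

The point of the hardened half is that the status code of an earlier response is not a credential: the privileged endpoint must make its own authorization decision from state the attacker cannot forge, so rewriting a 500 to a 200 in transit changes nothing. The remaining exposure in the model is the cleartext cookie on the LAN, which is why the adjacent-network vector still argues for TLS and for limiting who can reach the management interface.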

The single public reference is a GitHub repository that documents the issue but provides no official vendor advisory, patch information, or mitigation guidance. The EPSS score reached a peak of 0.1540 before settling at the current value of 0.1138. Since the attack needs adjacent-network access and no vendor fix is referenced, limiting which hosts can reach the device's management interface is the practical compensating step until one appears.


Vulnerability details

An issue in Orbe ONetView Roeador Onet-1200 Orbe 1680210096 allows a remote attacker to escalate privileges via the server's response from status code 500 to status code 200.

CWE(s)

CWE-269 Improper Privilege Management

Related Threats

MITRE ATT&CK Enterprise Techniques

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

The CVE describes a remote privilege escalation through improper privilege management (CWE-269), which maps directly to T1068 Exploitation for Privilege Escalation.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-44250 (shared CWE-269)
CVE-2024-53706 (shared CWE-269)
CVE-2025-66374 (shared CWE-269)
CVE-2026-28995 (shared CWE-269)
CVE-2025-43199 (shared CWE-269)
CVE-2025-36640 (shared CWE-269)
CVE-2025-8899 (shared CWE-269)
CVE-2024-47770 (shared CWE-269)
CVE-2025-24254 (shared CWE-269)
CVE-2025-27639 (shared CWE-269)

Affected Assets

Orbe ONetView Roeador Onet-1200, firmware version 1680210096

Mitigating Controls (NIST 800-53 r5)

AC-6 Least Privilege (prevent)
Directly counters CWE-269 Improper Privilege Management by enforcing least privilege, so that a caller holding no privileges cannot gain them through a flawed interpretation of a server response.

Secure error handling (prevent)
Mandates that an authentication or authorization failure is never reported, or accepted, as a success: a 500 that can be turned into a 200 must not carry the privilege decision, which closes this escalation path.

AC-3 Access Enforcement (prevent)
Enforces approved access authorizations on every privileged request from server-side state, so a manipulated status code on an earlier response does not change what the device allows.
