Cyber Posture

CVE-2024-57964

High

Published: 18 February 2025

Published
18 February 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.0001 2.9th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-57964 is a high-severity Uncontrolled Search Path Element (CWE-427) vulnerability in Hitachi (inferred from references). Its CVSS base score is 7.3 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique DLL Side-Loading (T1574.002); ranked at the 2.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and SI-7 (Software, Firmware, and Information Integrity).

Threat & Defense at a Glance

What attackers do: exploitation maps to DLL Side-Loading (T1574.002). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match
prevent

Directly mitigates CVE-2024-57964 by applying vendor patches or workarounds from the Hitachi advisory to fix the insecure DLL loading flaw.

SI-7 Software, Firmware, and Information Integrity good match
preventdetect

Verifies integrity of software components like DLLs prior to execution, preventing loading of malicious libraries placed by local attackers exploiting insecure paths.

SI-3 Malicious Code Protection partial match
preventdetect

Deploys anti-malware mechanisms to scan for and block malicious DLLs that could be loaded via the insecure dynamic link library mechanism.

MITRE ATT&CK Enterprise TechniquesAI

T1574.002 DLL Side-Loading Stealth
Adversaries may execute their own malicious payloads by side-loading DLLs.
attack.mitre.org →
Why these techniques?

CWE-427 insecure DLL loading directly enables DLL side-loading for arbitrary code execution.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

Insecure Loading of Dynamic Link Libraries have been discovered in HVAC Energy Saving Program, which could allow local attackers to potentially disclose information or execute arbitray code on affected systems. This issue affects HVAC Energy Saving Program:.

Deeper analysisAI

CVE-2024-57964 is a vulnerability involving insecure loading of dynamic link libraries (CWE-427) in the HVAC Energy Saving Program. This flaw could allow local attackers to potentially disclose sensitive information or execute arbitrary code on affected systems. The issue specifically affects the HVAC Energy Saving Program, with a CVSS v3.1 base score of 7.3 (AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H), indicating high impact potential despite requiring local access and user interaction.

A local attacker with low privileges can exploit this vulnerability through low-complexity means, provided the user interacts in some way, such as opening a malicious file or triggering the insecure DLL loading. Successful exploitation could result in high confidentiality, integrity, and availability impacts, including information disclosure or arbitrary code execution on the affected system.

Mitigation details are outlined in the advisory published by Hitachi at https://www.hitachi.com/hirt/hitachi-sec/2025/001.html, which was referenced alongside the CVE published on 2025-02-18. Security practitioners should consult this advisory for patching instructions or workarounds specific to the HVAC Energy Saving Program.

Details

CWE(s)
CWE-427

Affected Products

Hitachi
inferred from references and description; NVD did not file a CPE for this CVE

CVEs Like This One

CVE-2026-23755Shared CWE-427
CVE-2024-9493Shared CWE-427
CVE-2026-5397Shared CWE-427
CVE-2026-2713Shared CWE-427
CVE-2024-57426Shared CWE-427
CVE-2024-57963Shared CWE-427
CVE-2025-21127Shared CWE-427
CVE-2024-9498Shared CWE-427
CVE-2024-55543Shared CWE-427
CVE-2025-54519Shared CWE-427

References