Cyber Resilience

CVE-2024-8785

Critical

Published: 02 December 2024

Published
02 December 2024
Modified
09 December 2024
KEV Added
Patch
CVSS Score v3.1 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0404 88.8th percentile
Risk Priority 22 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-8785 is a critical-severity Incorrect Use of Privileged APIs (CWE-648) vulnerability in Progress Whatsup Gold. Its CVSS base score is 9.8 (Critical).

Operationally, ranked in the top 11.2% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

Deeper analysis

CVE-2024-8785 affects WhatsUp Gold versions prior to 2024.0.1 and stems from improper access controls in the NmAPI.exe component. The flaw permits modification of registry values under the HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Ipswitch\ path without authentication, corresponding to CWE-648.

A remote attacker with no credentials can send crafted requests to NmAPI.exe over the network to create or alter registry entries. Successful exploitation grants the ability to modify system configuration data, which under the CVSS vector yields full confidentiality, integrity, and availability impact with a score of 9.8.

Progress Software advisories direct customers to upgrade to WhatsUp Gold 2024.0.1 or later; the associated release notes confirm that the registry modification path is restricted after the update. The referenced security bulletin and product documentation provide the primary remediation guidance.

EPSS for the CVE rose from a low baseline to a peak of 0.1102 on 2025-12-11 before receding to the current value of 0.0404, indicating a period of increased exploitation interest following disclosure.

EU & UK References

Vulnerability details

In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage NmAPI.exe to create or change an existing registry value in registry path HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Ipswitch\.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

progress
whatsup gold
≤ 24.0.1

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References