Cyber Resilience

CVE-2024-9537

Critical · CISA KEV · Active Exploitation · EUVD Exploited

Published: 18 October 2024
Modified: 03 November 2025
KEV Added: 21 October 2024
Patch: available
CVSS Score (v4): 9.3
CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red
EPSS Score: 0.6391 (98.5th percentile)
Risk Priority: 77 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-9537 is a critical-severity vulnerability of unspecified weakness type in ScienceLogic SL1. Its CVSS base score is 9.3 (Critical).

Operationally, it ranks in the top 1.5% of CVEs by exploit likelihood (EPSS), and CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and SC-7 (Boundary Protection).

Deeper analysis

ScienceLogic SL1, formerly known as EM7, contains an unspecified vulnerability in an unspecified third-party component included in the product. The flaw affects multiple version lines and is resolved in SL1 releases 12.1.3 and later, 12.2.3 and later, and 12.3 and later, with backported fixes supplied for the 10.1.x, 10.2.x, 11.1.x, 11.2.x, and 11.3.x branches.

The vulnerability carries a CVSS 4.0 score of 9.3 reflecting network attack vector, low complexity, no required privileges or user interaction, and high impact on confidentiality, integrity, and availability. An unauthenticated remote attacker can therefore leverage the flaw to compromise affected SL1 instances.

Vendor advisories direct customers to apply the listed updates. Public reporting links the issue to zero-day exploitation that contributed to the Rackspace breach, and the EPSS score has reached a peak of 0.6440 with a current value of 0.6391.

EU & UK References

Vulnerability details

ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component packaged with SL1. The vulnerability is addressed in SL1 versions 12.1.3+, 12.2.3+, and 12.3+. Remediations have been made available for all SL1 versions back to version lines 10.1.x, 10.2.x, 11.1.x, 11.2.x, and 11.3.x.

CWE(s): none listed
KEV Date Added: 21 October 2024

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: sciencelogic
Product: sl1
Versions: 10.1.0 to 12.1.3 · 12.2.0 to 12.2.3

Mitigating Controls (NIST 800-53 r5)

Prevent (SI-2, Flaw Remediation): Directly requires timely identification and remediation of software flaws via vendor patches, which is the explicit fix for CVE-2024-9537 across all affected SL1 versions.

Detect: Enables continuous monitoring of the SL1 platform to identify exploitation attempts or anomalous behavior tied to the unauthenticated remote compromise.

Prevent (SC-7, Boundary Protection): Restricts network-accessible interfaces on SL1, reducing the attack surface for a flaw that requires no authentication.

References