
CVE-2026-24497

Severity: High
Published: 27 February 2026
Modified: 17 March 2026
KEV Added: not listed
CVSS Score (v4): 8.4
CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score: 0.0034 (25.3rd percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2026-24497 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability in ThinkWise (the record lists both vendor and product as Thinkwise). Its CVSS v4 base score is 8.4 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique T1190 (Exploit Public-Facing Application). EPSS ranks it at the 25.3rd percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2026-24497 is a stack-based buffer overflow vulnerability in ThinkWise software from SimTech Systems, Inc., which enables remote code inclusion. The issue affects ThinkWise versions from 7 through 23 and is associated with CWE-121 (stack-based buffer overflow) and CWE-787 (out-of-bounds write). It received a CVSS v3.1 base score of 9.8, reflecting its critical severity due to network accessibility, low attack complexity, and lack of prerequisites.

Remote, unauthenticated attackers can exploit this vulnerability over the network without user interaction. Successful exploitation allows attackers to achieve high-impact confidentiality, integrity, and availability effects, including remote code execution on the affected system. Note that the CVSS v4 vector recorded above (AV:L, UI:P) rates the attack vector as local with passive user interaction, which differs from the v3.1 assessment; practitioners should check the vendor advisory for the current exploitation prerequisites.

Mitigation details are outlined in vendor and advisory publications, including a patch notice from ThinkWise at https://www.thinkwise.co.kr/bbs/board.php?bo_table=patch&wr_id=19352 and a Korean advisory at https://www.boho.or.kr/kr/bbs/view.do?searchCnd=&bbsId=B0000302&searchWrd=&menuNo=205023&pageIndex=1&categoryCode=&nttId=71985. Security practitioners should consult these references for patching instructions and apply updates to vulnerable versions promptly.


Vulnerability details

Stack-based Buffer Overflow vulnerability in SimTech Systems, Inc. ThinkWise allows Remote Code Inclusion. This issue affects ThinkWise: from 7 through 23.

CWE(s): CWE-121 (Stack-based Buffer Overflow), CWE-787 (Out-of-bounds Write)

Related Threats

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Stack-based buffer overflow in network-accessible ThinkWise software directly enables unauthenticated remote code execution, mapping to exploitation of a public-facing application.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-2263 (shared CWE-121, CWE-787)
CVE-2025-34468 (shared CWE-121, CWE-787)
CVE-2025-70237 (shared CWE-121, CWE-787)
CVE-2025-54820 (shared CWE-121, CWE-787)
CVE-2025-70234 (shared CWE-121, CWE-787)
CVE-2025-0282 (shared CWE-121, CWE-787)
CVE-2025-70245 (shared CWE-121, CWE-787)
CVE-2025-70239 (shared CWE-121, CWE-787)
CVE-2023-54334 (shared CWE-121, CWE-787)
CVE-2025-66047 (shared CWE-121, CWE-787)

Affected Assets

Vendor: thinkwise
Product: thinkwise
Versions: 7 through 23

Mitigating Controls (NIST 800-53 r5)

Prevent (flaw remediation; control ID not shown in the record): Requires identification, reporting, and timely correction of the stack-based buffer overflow flaw through patching vulnerable ThinkWise versions.

Prevent (SI-16 Memory Protection): Implements memory protection mechanisms such as stack canaries, ASLR, and DEP to directly mitigate stack-based buffer overflow exploits leading to RCE.

Prevent (SI-10 Information Input Validation): Enforces validation of incoming network inputs to prevent malformed or oversized data from triggering the buffer overflow and remote code inclusion.
