CVE-2024-57394

The quarantine - restore function in Qi-ANXIN Tianqing Endpoint Security Management System v10.0 allows user to restore a malicious file to an arbitrary file path. Attackers can write malicious DLL to system path and perform privilege escalation by leveraging Windows DLL hijacking vulnerabilities.

CVSS

No CVSS.

References

Link	Resource
https://en.qianxin.com/product/detail/165
https://github.com/cwjchoi01/CVE-2024-57394

Configurations

No configuration.

History

23 Apr 2025, 14:08

Type	Values Removed	Values Added
Summary		(es) quarantine - restore function in Qi-ANXIN Tianqing Endpoint Security Management System v10.0 permite restaurar un archivo malicioso en una ruta de acceso arbitraria. Los atacantes pueden escribir DLL maliciosas en la ruta del sistema y escalar privilegios aprovechando las vulnerabilidades de secuestro de DLL de Windows.

21 Apr 2025, 18:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-04-21 18:15

Updated : 2025-04-23 14:08

NVD link : CVE-2024-57394

Mitre link : CVE-2024-57394

CVE.ORG link : CVE-2024-57394

JSON object : View

Products Affected

No product.

CWE

No CWE.

JSON object

Attach tags to CVE-2024-57394

Attach tags to `CVE-2024-57394`