- Description
- Howyar UEFI Application "Reloader" (32-bit and 64-bit) is vulnerable to execution of unsigned software in a hardcoded path.
- Source
- cret@cert.org
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 8.2
- Impact score
- 6
- Exploitability score
- 1.5
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
- Severity
- HIGH
- nvd@nist.gov
- CWE-347
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
1
🛡️🚀 Vulnerabilidad en UEFI Secure Boot (CVE-2024-7344) permite cargar bootkits maliciosos. Actualiza tus sistemas y refuerza la seguridad para mitigar riesgos. 🔄🔍 #Ciberseguridad #UEFI #ProtecciónDeDatos https://t.co/RfKtSUKM9T
@mdsolutionsperu
27 Feb 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
==== 資安雙週報 (250201) ==== 初一十五除了呷菜喔外 也要關心一下安全圈的消息 - 空殼帳號? - 新創公司的通病? - CVE-2024-7344 bypass bootloader - CVE-2024-12297 bypass auth
@PTTNetSecurity
1 Feb 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
4 Replies
0 Quotes
Bajo el Manto de UEFI Secure Boot: Presentación de CVE-2024-7344 https://t.co/JGSj1lFoTy #securidad #ciberseguridad
@RedesSocialesES
25 Jan 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚩 #ciberseguridad #hacking Vulnerabilidad CVE-2024-7344 permite eludir UEFI Secure Boot 🔒 https://t.co/GJp7owAgw6 https://t.co/DqIRtkZ6o9
@mileseceirl
23 Jan 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
UEFI Vulnerability Bypasses Secure Boot Researchers have disclosed a now-patched security vulnerability that could allow threat actors to bypass the Secure Boot mechanism of UEFI systems. Tracked as CVE-2024-7344 and assigned a CVSS score of 6.7, this vulnerability could enable…
@WarrenTevora
22 Jan 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#UEFI: ricercatori di sicurezza di ESET hanno recentemente rilevato la vulnerabilità CVE-2024-7344 relativa al bootloader #Howyar #Reloader Rischio: 🔴 Tipologia: 🔸 Security Feature Bypass 🔸 Arbitrary Code Execution 🔗 https://t.co/AQp3uLPmz9 👉 Mitigazioni disponibili http
@csirt_it
21 Jan 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨𝗡𝘂𝗲𝘃𝗮 𝗳𝗮𝗹𝗹𝗮 𝗱𝗲 𝘀𝗲𝗴𝘂𝗿𝗶𝗱𝗮𝗱 𝗲𝗻 𝘀𝗶𝘀𝘁𝗲𝗺𝗮𝘀 𝗨𝗘𝗙𝗜 𝗱𝗲 𝗠𝗶𝗰𝗿𝗼𝘀𝗼𝗳𝘁🚨 Categoría: Vulnerabilidad CVE: CVE-2024-7344 Severidad: ALTA Servicios Afectados: Howyar SysReturn,Greenware GreenGuard,Radix SmartRecovery,Sistema EZ-back de Sanfong. https:/
@IntelDeep
21 Jan 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Unmasking the UEFI Secure Boot Flaw: A Deep Dive into CVE-2024-7344 https://t.co/cDnT4q3EtY #uefi #secureboot #cve20247344 #cybersecurity #vulnerability #windows11 #esetresearch #infosec #microsoft
@DefendOpsHQ
21 Jan 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical UEFI Secure Boot bypass vulnerability (CVE-2024-7344) affecting Windows and Linux systems. Attackers can exploit a vulnerable driver to install a UEFI bootkit. https://t.co/cN2cZM9jlQ
@Teemu_Tiainen
20 Jan 2025
75 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
QEMU is awesome! I know, I'm late to the party, but to everyone out there wondering about ARM or not: I was able to easily *emulate* a Win7 x86 on Apple Silicon M3 and also my latest post on CVE-2024-7344 was completely done using a secure boot enabled qemu machine... https://t.c
@pascal_gujer
20 Jan 2025
113 Impressions
0 Retweets
0 Likes
1 Bookmark
1 Reply
0 Quotes
Under the cloak of UEFI Secure Boot: Introducing CVE-2024-7344 https://t.co/BrVewdYdWp
@Ember329571
20 Jan 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#Threat_Research Under the cloak of UEFI Secure Boot: Introducing CVE-2024-7344 https://t.co/lE1fid3cTj
@ksg93rd
20 Jan 2025
211 Impressions
1 Retweet
2 Likes
0 Bookmarks
0 Replies
0 Quotes
https://t.co/WnYsaMExbv A new cybersecurity vulnerability has been identified, impacting a range of systems and software. This vulnerability assigned the identifier CVE-2024-7344, poses potential risks to data integrity and system operations. #ESET #CyberSecurityNews
@FutureBoundIT1
20 Jan 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
UEFI and Secure Boot Vulnerabilities Again New details about CVE-2024-7344, patched during January's Patch Tuesday, raise concerns about the entire UEFI digital signature infrastructure. An unsafe component, reloader.efi, was used in a number of legitimate system maintenance or…
@kaspersky
20 Jan 2025
1291 Impressions
0 Retweets
7 Likes
1 Bookmark
0 Replies
0 Quotes
New UEFI vulnerability (CVE-2024-7344) allowed attackers to bypass Secure Boot, load malicious bootkits, & gain persistent system access. Now patched, it highlights the need for better firmware security & proactive defenses. #Cybersecurity #UEFI #SecureBoot #Infosec htt
@michaelplis
20 Jan 2025
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
UEFI Secure Boot flaw (CVE-2024-7344) allows bootkits even with Secure Boot protection enabled. Patch immediately to prevent cyberattacks. https://t.co/LryvbKQrf8
@threatlight
19 Jan 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Your Secure Boot Isn’t So Secure: New CVE-2024-7344 Explained https://t.co/IXsDo5OluU
@iicsorg
19 Jan 2025
94 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
UEFI Secure Boot vulnerability CVE-2024-7344 bypasses security measures with third-party Microsoft certificate. Stay updated. https://t.co/2JavZ35IJj
@threatlight
19 Jan 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
wouldn't CVE-2024-7344 be able to bypass vanguard
@Twitchy426363
19 Jan 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#threatreport #LowCompleteness Under the cloak of UEFI Secure Boot: Introducing CVE-2024-7344 | 18-01-2025 Source: https://t.co/U4FMlokWsy Key details below ↓ 💀Threats: Blacklotus, Bootkitty, 🎯Victims: Howyar technologies inc., Greenware technologies, Radix technologies… http
@rst_cloud
19 Jan 2025
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Bios vs EFI y CVE-2024-7344 https://t.co/G0pOgB1WMF
@LastDragonMX
19 Jan 2025
52 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
#threatreport #LowCompleteness Fatal UEFI Secure Boot Flaw (CVE-2024-7344) Exposes Millions to Hackers | 18-01-2025 Source: https://t.co/KRhVOD0lVs Key details below ↓ 💀Threats: Bootkitty, Blacklotus, 🔓CVEs: CVE-2024-7344 \[[Vulners](https://t.co/Bl1nZ4vfid)] - CVSS V3.1:…
@rst_cloud
18 Jan 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Vulnerabilidad permite eludir UEFI Secure Boot CVE-2024-7344 https://t.co/sXmmOn4gWd https://t.co/vb8vEPW3E5
@elhackernet
18 Jan 2025
8337 Impressions
57 Retweets
237 Likes
85 Bookmarks
0 Replies
2 Quotes
CVE-2024-7344 impacts UEFI based systems #CVE-2024-7344 #UEFI https://t.co/UHe9jNkl18
@pravin_karthik
18 Jan 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
آسیب پذیری CVE-2024-7344 در بوت امن UEFI، امکان لود کردن بوتکیتهای مخرب را فراهم میآورد! #CVE_2024_7344 #Cyber_security_news #اخبار_امنیت_سایبری #Patch_Tuesday #UEFI_Secure_Boot https://t.co/scdNjDGxEm
@vulnerbyte
18 Jan 2025
29 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
𝐔𝐄𝐅𝐈 𝐁𝐨𝐨𝐭𝐤𝐢𝐭 𝐓𝐡𝐫𝐞𝐚𝐭 𝐑𝐞𝐯𝐞𝐚𝐥𝐞𝐝 A new UEFI Secure Boot bypass vulnerability, tracked as CVE-2024-7344, has been discovered that could allow attackers to deploy malicious bootkits even with Secure Boot enabled, according to multiple sources. The… https://t.c
@TechBuzzRecap
18 Jan 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
ESET researchers have discovered a significant #vulnerability (CVE-2024-7344) that can bypass #UEFISecureBoot on most UEFI-based systems. This flaw was found in a UEFI application signed by Microsoft's third-party certificate. https://t.co/8by1k6Gens
@MalwarePatrol
17 Jan 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft finally patched the security threat (CVE-2024-7344), allowing bad actors to gain unauthorized access to Windows 11 by bypassing Secure Boot for over 7 months. https://t.co/Ab4Y3s8bGX 🪲
@WindowsCentral
17 Jan 2025
3675 Impressions
2 Retweets
30 Likes
0 Bookmarks
2 Replies
1 Quote
Under the cloak of UEFI Secure Boot - Trusted Apps Sneak a Bug Into the UEFI Boot Process : Introducing CVE-2024-7344 : https://t.co/voWgQxO9Kw https://t.co/ee4MlO8jTd
@binitamshah
17 Jan 2025
4591 Impressions
15 Retweets
75 Likes
37 Bookmarks
2 Replies
0 Quotes
A security flaw has been discovered that allows attackers to bypass Secure Boot on UEFI systems. CVE-2024-7344 ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems #InfoSec #CyberSecurity https://t.co/h1DYKiWGAB
@SaifuddinAmri__
17 Jan 2025
136 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
1 Quote
Microsoft schließt kritische Sicherheitslücke in Windows-Secure-Boot. Die Schwachstelle CVE-2024-7344 ermöglichte Angreifern das Umgehen des Secure-Boot-Standards. Updates dringend empfohlen. #Microsoft #Windows https://t.co/BJTuNEeSKr
@WinFuture
17 Jan 2025
101 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
New vulnerability CVE-2024-7344 raises alarms over UEFI Secure Boot, putting critical systems at risk. Full analysis: https://t.co/JtTDqsyuin #CyberSecurityNews #PatchManagement
@CybersecSntl
17 Jan 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
𝐂𝐫𝐢𝐭𝐢𝐜𝐚𝐥 𝐔𝐄𝐅𝐈 𝐕𝐮𝐥𝐧𝐞𝐫𝐚𝐛𝐢𝐥𝐢𝐭𝐲 𝐒𝐡𝐚𝐤𝐞𝐬 𝐒𝐞𝐜𝐮𝐫𝐞 𝐁𝐨𝐨𝐭 𝐒𝐲𝐬𝐭𝐞𝐦𝐬 BRATISLAVA, Slovakia, Jan. 16, 2025 — A recently discovered vulnerability, CVE-2024-7344, has sent shockwaves across the cybersecurity landscape by exposing a significant flaw…
@techuncut_com
17 Jan 2025
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
UEFIセキュアブート迂回の脆弱性CVE-2024-7344が修正された。カスタムPEローダーにおけるイメージ検証不備。各ベンダから修正版。1/14のWindows Updateで脆弱なUEFIアプリの証明書は失効。 https://t.co/VaOQdV2sQQ
@__kokumoto
16 Jan 2025
2639 Impressions
10 Retweets
15 Likes
5 Bookmarks
1 Reply
1 Quote
𝐂𝐫𝐢𝐭𝐢𝐜𝐚𝐥 𝐔𝐄𝐅𝐈 𝐒𝐞𝐜𝐮𝐫𝐞 𝐁𝐨𝐨𝐭 𝐅𝐥𝐚𝐰 𝐄𝐱𝐩𝐨𝐬𝐞𝐝 REDMOND, Wash., Jan. 16, 2025 — A newly discovered UEFI Secure Boot vulnerability, tracked as CVE-2024-7344, has raised alarms across the cybersecurity community. This vulnerability affects a Microsoft-signed
@techuncut_com
16 Jan 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
新たな UEFI セキュア ブート バイパスの脆弱性が発見されました (CVE-2024-7344) New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344) #HelpNetSecurity (Jan 16) https://t.co/D20sk3Hue5
@foxbook
16 Jan 2025
44 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical UEFI Secure Boot vulnerability, CVE-2024-7344, lets attackers bypass security and deploy bootkits. It affects a Microsoft-signed app used by several third-party developers in their system recovery tools. Secure Boot is a vital security feature that ensures only… https
@cytexsmb
16 Jan 2025
320 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
2 Quotes
Vulnerabilidad CVE-2024-7344 permite eludir UEFI Secure Boot Vía: @ESETLA https://t.co/uK7c1Avl89 https://t.co/cGEmF9JYnB
@DragsterSystems
16 Jan 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#ITSecurity CVE-2024-7344 : Howyar UEFI Application "Reloader" (32-bit and 64-bit) is vulnerable to execution of unsigned software in a hardcoded path. https://t.co/iRM2oZH4UT
@seaarepea
16 Jan 2025
4 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
New vulnerability CVE-2024-7344 in UEFI Secure Boot exposes systems to bootkit attacks, compromising Microsoft-signed applications. Patch is crucial to mitigate risks. 🔒⚠️ #SecurityFlaw #Microsoft #USA #CybersecurityNews link: https://t.co/VTA9deWRum https://t.co/WjEIh0kLCF
@TweetThreatNews
16 Jan 2025
40 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
A critical UEFI Secure Boot vulnerability, CVE-2024-7344, has been identified, posing a risk of bootkit deployment even with Secure Boot enabled. Protect your systems by understanding the implications and applying the necessary patches. Read more at https://t.co/5LNddzAul9.
@trubetech
16 Jan 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Vulnerabilità UEFI e aggiornamenti Ivanti: la sicurezza informatica sotto i riflettori Sicurezza Informatica, aggiornamenti, CVE-2024-7344, cybersecurity, Ivanti, Secure Boot, uefi https://t.co/zwaS0AMBTU https://t.co/ZFK9VBfMp1
@matricedigitale
16 Jan 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Trusted Apps Sneak a Bug Into the UEFI Boot Process: https://t.co/F3G1QdJSrS A vulnerability (CVE-2024-7344) in trusted recovery programs allows attackers to inject malware into the UEFI boot process, bypassing Secure Boot. Seven products, including Howyar SysReturn and… https:/
@securityRSS
16 Jan 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A vulnerability (CVE-2024-7344) in several trusted recovery apps allows attackers to inject malware into the UEFI boot process, bypassing Secure Boot. Risks impact users heavily. ⚠️💻 #MalwareThreat #UEFI #USA #CybersecurityNews link: https://t.co/ySiaQ3mvZR https://t.co/dtM6jRw
@TweetThreatNews
16 Jan 2025
44 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🔒 A new flaw (CVE-2024-7344) in UEFI systems has been discovered, letting attackers run unsigned code during system boot—even with Secure Boot enabled. Read more ➡️ https://t.co/jSjPrH6XLi
@TheHackersNews
16 Jan 2025
14716 Impressions
107 Retweets
172 Likes
51 Bookmarks
0 Replies
3 Quotes
New #UEFI #Secure Boot bypass #vulnerability discovered (CVE-2024-7344) https://t.co/MeNZbIo5t7
@ScyScan
16 Jan 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#Breaking: ESET researchers uncover a #vulnerability that allows bypassing #UEFI Secure Boot. The security flaw, tracked as CVE-2024-7344, affects most UEFI-based systems and, if exploited, could let attackers deploy malicious UEFI bootkits. Read more: https://t.co/gPH58ABOkB
@welivesecurity
16 Jan 2025
1262 Impressions
15 Retweets
30 Likes
7 Bookmarks
0 Replies
0 Quotes
CVE-2024-7344: Howyar Reloader Vulnerability Exposes UEFI Systems to Unsigned Software Threats Discover the security flaw in Howyar Reloader UEFI bootloader, CVE-2024-7344, that allows attackers to bypass Secure Boot and execute unsigned software https://t.co/F1cVdNAOaH
@the_yellow_fall
16 Jan 2025
652 Impressions
7 Retweets
14 Likes
1 Bookmark
0 Replies
0 Quotes
The SEI's CERT Division has released two new vulnerability notes: 1. The Howyar UEFI Application Reloader is vulnerable to the execution of arbitrary software from a hard-coded path (CVE-2024-7344) https://t.co/IgFvi9kViM https://t.co/9y6yMGVnoZ
@SEI_CMU
14 Jan 2025
99 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cs-grp:neo_impact:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "661C4664-9989-497C-9758-595D667A5E61",
"versionEndExcluding": "10.1.024-20241127"
},
{
"criteria": "cpe:2.3:a:greenware:greenguard:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C26295FA-07B6-42D8-B5E9-7B54FA3D4559",
"versionEndExcluding": "10.2.023-20240927"
},
{
"criteria": "cpe:2.3:a:howyar:sysreturn:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "070699E9-BA08-4DFA-B2D7-61289CFDF865",
"versionEndExcluding": "10.2.023_20240919"
},
{
"criteria": "cpe:2.3:a:radix:smart_recovery:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E1D9F1B3-11C7-47FC-972C-017869712582",
"versionEndExcluding": "11.2.023-20240927"
},
{
"criteria": "cpe:2.3:a:sanfong:ez-back_system:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A794B06A-1AAC-49D4-8AD5-813A84B6DA60",
"versionEndExcluding": "10.3.024-20241127"
},
{
"criteria": "cpe:2.3:a:signalcomputer:hdd_king:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FD9C4071-6E0B-472B-89BB-88D324D47534",
"versionEndExcluding": "10.3.021-20241127"
},
{
"criteria": "cpe:2.3:a:wasay:erecoveryrx:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DDA5BBD9-2DCD-4F4B-94A2-28E62180ADA3",
"versionEndExcluding": "8.4.022-20241127"
}
],
"operator": "OR"
}
]
}
]