CVE-2024-57394

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Apr 21, 2025

Updated: May 12, 2025

CWE ID 73

Summary

CVE-2024-57394 is a newly disclosed vulnerability in Qi-ANXIN Tianqing Endpoint Security Management System v10.0. The issue lies within the quarantine-restore function, which enables users to restore a file to an arbitrary file path. Malicious actors can exploit this flaw by restoring a malicious DLL to a system path, setting the stage for privilege escalation. Attackers can take advantage of Windows DLL hijacking vulnerabilities to gain elevated access and potentially execute unauthorized commands. This vulnerability poses a significant risk to affected systems and requires immediate attention and patching.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2T5hUw
https://www.cve.org/CVERecord?id=CVE-2024-57394
https://nvd.nist.gov/vuln/detail/CVE-2024-57394

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners

CVE-2024-57394

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations