CVE-2024-7344

Summary

Howyar UEFI Application "Reloader" (32-bit and 64-bit) is vulnerable to execution of unsigned software in a hardcoded path.

Affected Software

VendorProductVersion RangeStatus
RadixSmartRecovery* < 11.2.023-20240927affected
Greenware TechnologiesGreenGuard* < 10.2.023-20240927affected
Howyar TechnologiesSysReturn (32-bit and 64-bit)* < 10.2.02320240919affected
SANFONGSANFONG EZ-Back System* < 10.3.024-20241127affected
CES TaiwanCES NeoImpact* < 10.1.024-20241127affected
SignalComputerHDD King* < 10.3.021-20241127affected

Weaknesses

  • CWE-426: Untrusted Search Path
  • CWE-347: Lack/Improper Verification of Cryptographic Signature

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

Additional References

References