Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2024-6364

UNKNOWN
Published 2025-05-13T17:00:07.443Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2024-6364. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

A vulnerability in Absolute Persistence® versions before 2.8 exists when it is not activated. This may allow a skilled attacker with both physical access to the device, and full hostile network control, to initiate OS commands on the device. To remediate this vulnerability, update the device firmware to the latest available version. Please contact the device manufacturer for upgrade instructions or contact Absolute Security, see reference below.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Absolute Security

Absolute Persistence

Affected Versions:

0

EU Vulnerability Database

Monitored by ENISA for EU cybersecurity

EU Coordination

Not EU Coordinated

Exploitation Status

No Known Exploitation

EUVD ID

View on ENISA

ENISA Analysis

A vulnerability in Absolute Persistence® versions before 2.8 exists when it is not activated. This may allow a skilled attacker with both physical access to the device, and full hostile network control, to initiate OS commands on the device. To remediate this vulnerability, update the device firmware to the latest available version. Please contact the device manufacturer for upgrade instructions or contact Absolute Security, see reference below.

Affected Products (ENISA)

absolute security
absolute persistence

ENISA Scoring

CVSS Score (4.0)

6.9
/10
CVSS:4.0/AV:P/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N

EPSS Score

0.030
probability

ENISA References

https://www.absolute.com/platform/vulnerability-archive/CVE-2024-6364
https://nvd.nist.gov/vuln/detail/CVE-2024-6364
https://www.absolute.com/platform/vulnerability-archive/cve-2024-6364

Data provided by ENISA EU Vulnerability Database. Last updated: May 13, 2025

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-rmx6-3w23-whmj

Advisory Details

A vulnerability in Absolute Persistence® versions before 2.8 exists when it is not activated. This may allow a skilled attacker with both physical access to the device, and full hostile network control, to initiate OS commands on the device. To remediate this vulnerability, update the device firmware to the latest available version. Please contact the device manufacturer for upgrade instructions or contact Absolute Security, see reference below.

CVSS Scoring

CVSS Score

5.0

CVSS Vector

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2024-6364
WEB https://www.absolute.com/platform/vulnerability-archive/cve-2024-6364

Advisory provided by GitHub Security Advisory Database. Published: May 13, 2025, Modified: July 15, 2025

Social Media Intelligence

Real-time discussions and threat intelligence from social platforms

1 post
Reddit 2 months ago
TumbleweedAfter5531

Bios update legion go I’ve not installed it yet but noticed this news update Is it new? Changelog 1. Base on BIOS36. 2. Update AMD PI 1.2.0.0. 3. Add CVE-2024-36347 patch. 4. Add CVE-2023-40238 patch. 5. Add CVE-2024-38796 patch. 6. Add CVE-2024-6364 patch. 7. Add CVE-2024-52877 patch. 8. Add CVE-2024-52878 …

Also mentions: CVE-2024-36347 CVE-2024-52878 CVE-2024-52880 CVE-2024-52879 CVE-2024-52877 CVE-2024-38796 CVE-2023-40238
2
5
12.0
View Original

References

https://www.absolute.com/platform/vulnerability-archive/cve-2024-6364
Published: 2025-05-13T17:00:07.443Z
Last Modified: 2025-05-13T17:37:58.419Z
Copied to clipboard!