CVE-2024-7344
Expert Analysis
Professional remediation guidance
Get tailored security recommendations from our analyst team for CVE-2024-7344. We'll provide specific mitigation strategies based on your environment and risk profile.
CVSS Score
V3.1EPSS Score
v2025.03.14There is a 0.1% chance that this vulnerability will be exploited in the wild within the next 30 days.
Attack Vector Metrics
Impact Metrics
Description
Howyar UEFI Application "Reloader" (32-bit and 64-bit) is vulnerable to execution of unsigned software in a hardcoded path.
Available Exploits
Related News
ESET researchers have discovered HybridPetya, a bootkit-and-ransomware combo that’s a copycat of the infamous Petya/NotPetya malware, augmented with the capability of compromising UEFI-based systems and weaponizing CVE-2024-7344 to bypass UEFI Secure Boot on …
Cybersecurity researchers have discovered a new ransomware strain dubbed HybridPetya that resembles the notorious Petya/NotPetya malware, while also incorporating the ability to bypass the Secure Boot mechanism in Unified Extensible Firmware Interface (UEFI) …
The vulnerability (CVE-2024-7344) allowed bad actors to sneak malicious code onto devices in a way that could bypass many of Windows 11's built-in security defenses. It exploited a flaw in how certain third-party firmware utilities handled secure UEFI boot pr…
Microsoft finally patched the security threat (CVE-2024-7344), allowing bad actors to gain unauthorized access to Windows 11 by bypassing Secure Boot for over 7 months.
Researchers detailed a now-patched vulnerability that could allow a bypass of the Secure Boot mechanism in UEFI systems. ESET disclosed details of a now-patched vulnerability, tracked as CVE-2024-7344 (CVSS score: 6.7), that could allow a bypass of the Secure…
Affected Products
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
Affected Versions:
GitHub Security Advisories
Community-driven vulnerability intelligence from GitHub
Advisory Details
CVSS Scoring
CVSS Score
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
References
Advisory provided by GitHub Security Advisory Database. Published: January 14, 2025, Modified: January 21, 2025
Social Media Intelligence
Real-time discussions and threat intelligence from social platforms
Naujas „HybridPetya“ išpirkos reikalaujantis virusas gali apeiti UEFI Secure Boot Neseniai aptikta išpirkos reikalaujanti kenkėjiška programa HybridPetya geba apeiti UEFI Secure Boot apsaugą ir įdiegti kenkėjišką aplikaciją EFI sistemos skaidinyje. Ši grėsmė, pasirodžiusi „VirusTotal“ platformoje, atrodo įkvėpta destruktyvių Petya ir NotPetya atakų iš 2016–2017 metų, kurios užšifruodavo kompiuterius ir neleisdavo …
HybridPetya ransomware bypasses UEFI Secure Boot Researchers at ESET have discovered a new ransomware strain called HybridPetya that can bypass UEFI Secure Boot by exploiting CVE-2024-7344. Key points: * Installs into the EFI System Partition * Mimics Petya/NotPetya ransomware behavior (fake CHKDSK, ransom note, destructive encryption) * Not yet seen …
HYBRIDPETYA: UEFI SECURE BOOT BYPASS VIA CVE-2024-7344 TL;DR: New VirusTotal samples named HybridPetya mimic Petya/NotPetya but add a UEFI infection path; one variant exploits CVE‑2024‑7344 (cloak.dat) to bypass Secure Boot and install an EFI app that encrypts the NTFS MFT. - Scope/impact: Targets NTFS MFT encryption and UEFI boot integrity; …
New HybridPetya Ransomware Bypasses UEFI Secure Boot With CVE-2024-7344 Exploit
New HybridPetya Ransomware Bypasses UEFI Secure Boot With CVE-2024-7344 Exploit Cybersecurity researchers have discovered a new ransomware strain dubbed HybridPetya that resembles the notorious Petya/NotPetya malware, while also incorporating the ability to bypass the Secure Boot mechanism in Unified Extensible... **CVEs:** CVE-2024-7344 **Source:** https://thehackernews.com/2025/09/new-hybridpetya-ransomware-bypasses.html
New HybridPetya Ransomware Bypasses UEFI Secure Boot With CVE-2024-7344 Exploit
Legion Pro 7i Gen 9 / 16IRX9H, June 25 BIOS N2CN27WW Available for Download **June 25, BIOS N2CN27WW is available for Legion Pro 7i Gen 9 / 16IRX9H**, and **brings Microcode Update revision to 12E** and release notes below: [https://pcsupport.lenovo.com/us/en/products/laptops-and-netbooks/legion-series/legion-pro-7-16irx9h/83de/83de001sus/downloads/ds567127-bios-update-for-windows-10-64-bit-legion-pro-7-16irx9h?category=BIOS%2FUEFI](https://pcsupport.lenovo.com/us/en/products/laptops-and-netbooks/legion-series/legion-pro-7-16irx9h/83de/83de001sus/downloads/ds567127-bios-update-for-windows-10-64-bit-legion-pro-7-16irx9h?category=BIOS%2FUEFI) Note: During upgrade, you'll see an initial progress indicator > …
New Gen8 Bios KWCN50WW with Intel Microcode 0x12e Hi Board, there is a new Bios Update KWCN50WW for the following devices. It also contains Intel Microcode 0x12e as undocumented change. [https://download.lenovo.com/consumer/mobiles/kwcn50ww.exe](https://download.lenovo.com/consumer/mobiles/kwcn50ww.exe) [https://download.lenovo.com/consumer/mobiles/kwcn50ww.txt](https://download.lenovo.com/consumer/mobiles/kwcn50ww.txt) >Legion Pro 5 16IRX8/Lenovo Legion Pro 5 16IRX8/Legion Y9000P IRX8/Legion Pro 7 16IRX8H/Lenovo Legion Pro 7 16IRX8H/Legion Y9000P …