CVE-2024-57964 HIGH

CVE-2024-57964: Insecure Loading of Dynamic Link Libraries in HVAC Energy Saving Program

Vendor Hitachi
Product HVAC Energy Saving Program
Weakness CWE-427
Published February 18, 2025
Last update February 18, 2025

CVSS base score

7.3/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Insecure Loading of Dynamic Link Libraries have been discovered in HVAC Energy Saving Program, which could allow local attackers to potentially disclose information or execute arbitray code on affected systems. This issue affects HVAC Energy Saving Program:.

Key dates

02Disclosure timeline

February 18, 2025 CVE published
February 18, 2025 Record updated