CVE-2024-58278 HIGH

CVE-2024-58278: IndigoSTAR Software - perl2exe <= V30.10C - Arbitrary Code Execution

Vendor Indigostar Software
Product perl2exe
Weakness CWE-78
Published December 4, 2025
Last update May 14, 2026

CVSS base score

8.5/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

perl2exe <= V30.10C contains an arbitrary code execution vulnerability that allows local authenticated attackers to execute malicious scripts. Attackers can control the 0th argument of packed executables to execute another executable, allowing them to bypass restrictions and gain unauthorized access.

Key dates

02Disclosure timeline

December 4, 2025 CVE published
May 14, 2026 Record updated