What is CVE-2024-6364?

A medium-severity vulnerability in Absolute Persistence® versions before 2.8 could allow attackers with physical access and network control to execute OS commands. Immediate firmware updates are necessary.

What is the severity of CVE-2024-6364?

CVE-2024-6364 has a severity rating of MEDIUM with a CVSS base score of 6.9.

CVE-2024-6364 | Medium Vulnerability in Absolute Persistence

A vulnerability in Absolute Persistence® versions before 2.8 exists when it is not activated. This vulnerability allows a skilled attacker with both physical access to the device and full hostile network control to initiate OS commands on the device. The potential impact of this vulnerability is significant, as it could lead to unauthorized command execution, compromising confidentiality and integrity of the device. Organizations utilizing this software should consider the implications of this vulnerability, given the potentially damaging outcomes.

The CVSS score for this vulnerability is 6.9, indicating a medium severity level. This score reflects the physical attack vector, high complexity in exploiting the vulnerability, and the low privileges required to execute commands. Consequently, organizations should address this vulnerability in their priority patch cycle to mitigate risks associated with potential exploitation.

To remediate this vulnerability, organizations should update the device firmware to the latest available version. Please contact the device manufacturer or Absolute Security for upgrade instructions. Given the nature of this vulnerability and its requirements for exploitation, immediate attention is warranted.

Risk to organizations includes unauthorized access and control over devices, leading to potential data breaches or system integrity issues. Organizations should prioritize patching immediately.

Vulnerability Details

The vulnerability is classified under CWE-284, indicating improper access control. The affected product is Absolute Persistence, and the vulnerability affects all versions prior to 2.8 when the product is not activated. The vulnerability was published on May 13, 2025.

Technical Analysis

The root cause of this vulnerability lies in the failure to adequately control access when the Absolute Persistence software is not activated. This allows an attacker with physical access to the device to exploit the vulnerability. The attack vector is physical, and the complexity of the attack is high, requiring the attacker to have both physical access and hostile network control. The attacker requires low privileges, and no user interaction is needed for exploitation. The confidentiality and integrity impacts are classified as high, while availability impact is none.

Risk & Impact Analysis

Considering the potential for an attacker to execute OS commands, the risk to organizations includes unauthorized access, leading to possible data loss or disruption of services. The vulnerability's characteristics suggest a serious threat, especially for organizations relying on the Absolute Persistence software in sensitive environments. The urgency for remediation is high, given the exploitability potential in scenarios where the attacker has physical access.

Exploitation Status

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

All versions of Absolute Persistence prior to 2.8 are affected. Organizations should ensure they are operating the latest firmware version to mitigate this vulnerability.

Mitigation & Remediation

Organizations should update the device firmware to the latest available version to remediate this vulnerability. For guidance on the update process, please consult the device manufacturer or Absolute Security. Configuration hardening should also be performed to limit physical access to devices and enhance network security controls to prevent unauthorized access.

Detection Guidance

Monitoring device logs for unauthorized OS command executions and behavioral anomalies related to device integrity can help detect exploitation attempts. Network signatures should be established to identify potential unauthorized access.

AppSecure Threat Intelligence Insight

The long-term significance of the CVE-2024-6364 vulnerability highlights the critical need for organizations to maintain up-to-date security measures, especially in environments with physical device access. This vulnerability represents a pattern of risk associated with physical security and operational stability in device management. Security teams can learn from this case by implementing robust access control measures and ensuring that firmware updates are applied promptly to mitigate vulnerabilities.

For further reading on security best practices, organizations can refer to our penetration testing methodology and consider engaging in penetration testing services to further enhance their security posture.

Additionally, organizations should remain aware of emerging threats and engage with resources such as our vulnerability management program to stay informed and proactive.

Lastly, consider reviewing our insights on API security testing as part of a comprehensive security framework.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2024-6364: Medium Vulnerability in Absolute Persistence