QwikSec

Security Database

CVE

CWE

Training

CVE-2024-7344

Published: Jan 14, 2025

Modified: Sep 15, 2025

PUBLISHED

Description

Howyar UEFI Application "Reloader" (32-bit and 64-bit) is vulnerable to execution of unsigned software in a hardcoded path.

Vendor	Product	Versions
Radix	SmartRecovery	affected `* - < 11.2.023-20240927`
Greenware Technologies	GreenGuard	affected `* - < 10.2.023-20240927`
Howyar Technologies	SysReturn (32-bit and 64-bit)	affected `* - < 10.2.02320240919`
SANFONG	SANFONG EZ-Back System	affected `* - < 10.3.024-20241127`
CES Taiwan	CES NeoImpact	affected `* - < 10.1.024-20241127`
SignalComputer	HDD King	affected `* - < 10.3.021-20241127`

References

https://uefi.org/revocationlistfile

https://uefi.org/specs/UEFI/2.10/32_Secure_Boot_and_Driver_Signing.html

https://uefi.org/specs/UEFI/2.10/03_Boot_Manager.html

https://www.eset.com/blog/enterprise/preparing-for-uefi-bootkits-eset-discovery-shows-the-importance-of-cyber-intelligence/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.