CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-57964: Insecure Loading of Dynamic Link Libraries in HVAC Energy Saving Program

7.3 CVSS

Description

Insecure Loading of Dynamic Link Libraries have been discovered in HVAC Energy Saving Program, which could allow local attackers to potentially disclose information or execute arbitray code on affected systems.
This issue affects HVAC Energy Saving Program:.

Classification

CVE ID: CVE-2024-57964

CVSS Base Severity: HIGH

CVSS Base Score: 7.3

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Affected Products

Vendor: Hitachi

Product: HVAC Energy Saving Program

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.01% (probability of being exploited)

EPSS Percentile: 0.84% (scored less or equal to compared to others)

EPSS Date: 2025-03-19 (when was this score calculated)

References

https://www.hitachi.com/hirt/hitachi-sec/2025/001.html

Timeline

2025-02-19 00:31:36 UTC
CVE

Insecure Loading of Dynamic Link Libraries in HVAC Energy Saving Program