CVE-2024-12957

A file handling command vulnerability in certain versions of Armoury Crate may result in arbitrary file deletion. Refer to the '01/23/2025 Security Update for Armoury Crate App' section on the ASUS Security Advisory for more information.

CVSS

No CVSS.

References

Link	Resource
https://www.asus.com/content/asus-product-security-advisory/

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) Una vulnerabilidad en el comando de gestión de archivos en ciertas versiones de Armoury Crate puede provocar la eliminación arbitraria de archivos. Consulta la sección "Actualización de seguridad del 23/01/2025 para la aplicación Armoury Crate" en el Aviso de seguridad de ASUS para obtener más información.

23 Jan 2025, 10:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-01-23 10:15

Updated : 2026-04-15 00:35

NVD link : CVE-2024-12957

Mitre link : CVE-2024-12957

CVE.ORG link : CVE-2024-12957

JSON object : View

Products Affected

No product.

CWE

CWE-306

Missing Authentication for Critical Function

{"id": "CVE-2024-12957", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.4, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-01-23T10:15:06.867", "references": [{"url": "https://www.asus.com/content/asus-product-security-advisory/", "source": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1", "description": [{"lang": "en", "value": "CWE-306"}]}], "descriptions": [{"lang": "en", "value": "A file handling command vulnerability in certain versions of Armoury Crate may result in arbitrary file deletion.\nRefer to the '01/23/2025 Security Update for Armoury Crate App' section on the ASUS Security Advisory for more information."}, {"lang": "es", "value": "Una vulnerabilidad en el comando de gesti\u00f3n de archivos en ciertas versiones de Armoury Crate puede provocar la eliminaci\u00f3n arbitraria de archivos. Consulta la secci\u00f3n \"Actualizaci\u00f3n de seguridad del 23/01/2025 para la aplicaci\u00f3n Armoury Crate\" en el Aviso de seguridad de ASUS para obtener m\u00e1s informaci\u00f3n."}], "lastModified": "2026-04-15T00:35:42.020", "sourceIdentifier": "54bf65a7-a193-42d2-b1ba-8e150d3c35e1"}