CVE-2024-24350: n/a in n/a
File Upload vulnerability in Software Publico e-Sic Livre v.2.0 and before allows a remote attacker to execute arbitrary code via the extension filtering component.
AI Analysis
Technical Summary
CVE-2024-24350 is a high-severity file upload vulnerability identified in Software Publico e-Sic Livre version 2.0 and earlier. The vulnerability arises from improper validation in the extension filtering component of the file upload functionality. This flaw allows a remote attacker with low privileges (PR:L) to bypass extension restrictions and upload malicious files, leading to arbitrary code execution on the affected system. The vulnerability does not require user interaction (UI:N) and can be exploited over the network (AV:N). The scope of the vulnerability is unchanged (S:U), meaning the impact is limited to the vulnerable component or system. The CVSS v3.1 base score is 8.8, reflecting high impact on confidentiality, integrity, and availability (C:H/I:H/A:H). The underlying weakness corresponds to CWE-434, which relates to unrestricted file upload vulnerabilities. Although no known exploits are reported in the wild yet, the vulnerability presents a significant risk due to the ease of exploitation and the potential for full system compromise. The lack of vendor or product-specific details limits precise identification, but the affected software is likely used in public sector or governmental contexts given the name "Software Publico e-Sic Livre." The absence of published patches increases the urgency for mitigation and monitoring.
Potential Impact
For European organizations, especially those in the public sector or entities using Software Publico e-Sic Livre or similar platforms, this vulnerability poses a critical risk. Successful exploitation could lead to full system compromise, data breaches involving sensitive citizen or organizational data, disruption of public services, and potential lateral movement within networks. The high impact on confidentiality, integrity, and availability could undermine trust in public digital services and result in regulatory penalties under GDPR if personal data is exposed. Additionally, the ability to execute arbitrary code remotely without user interaction makes this vulnerability attractive for attackers aiming to deploy ransomware, espionage tools, or disrupt operations. Given the software's likely use in government or public administration, the threat could extend to critical infrastructure and essential services, amplifying the potential societal and economic consequences.
Mitigation Recommendations
1. Immediate mitigation should include disabling or restricting the file upload functionality in affected systems until a patch is available.
2. Implement strict server-side validation of uploaded files beyond extension filtering, including MIME type verification, file content inspection, and sandboxing of uploaded files.
3. Employ web application firewalls (WAFs) with custom rules to detect and block suspicious file upload attempts targeting this vulnerability.
4. Conduct thorough code reviews and penetration testing focused on file upload components to identify and remediate similar weaknesses.
5. Monitor logs for unusual file upload activity and signs of exploitation attempts.
6. Isolate affected systems within network segments to limit potential lateral movement.
7. Engage with the software vendor or community to obtain patches or updates as soon as they become available.
8. Educate administrators and users about the risks of file upload vulnerabilities and enforce the principle of least privilege for accounts with upload permissions.
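As an illustration of recommendation 2, the following added example (not code from e-Sic Livre or from this advisory) shows server-side upload validation that goes beyond checking the last extension. The allowlist, the blocked-segment list and the function name `validate_upload` are assumptions made for the example; the page does not describe how the extension filter in the affected software is bypassed.

```python
import os
import secrets

# Constructed policy: permitted extension -> magic bytes the content must start with.
ALLOWED = {
    "pdf": (b"%PDF-",),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpg": (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
}
# Segments a web server may map to an interpreter or config handler (not exhaustive).
EXECUTABLE = {"php", "php5", "phtml", "phar", "pht", "cgi", "pl", "py",
              "asp", "aspx", "jsp", "sh", "htaccess"}


def validate_upload(client_name, content):
    """Return (ok, reason, stored_name); stored_name is generated server-side."""
    # Keep only the final path component, whichever separator the client used.
    name = os.path.basename(client_name.replace("\\", "/"))
    if any(ord(c) < 32 for c in name):
        return False, "control character in filename", None
    parts = [p.strip().lower() for p in name.split(".")]
    if len(parts) < 2 or not parts[-1]:
        return False, "missing extension", None
    # Check every segment, not just the last: "a.php.jpg" must not pass.
    if any(p in EXECUTABLE for p in parts[1:]):
        return False, "executable extension in filename", None
    ext = parts[-1]
    if ext not in ALLOWED:
        return False, "extension not on allowlist", None
    # Content inspection: the bytes must match the type the extension claims.
    if not content.startswith(ALLOWED[ext]):
        return False, "content does not match extension", None
    # Never reuse the client's name on disk; store under a random one.
    return True, "ok", secrets.token_hex(16) + "." + ext


if __name__ == "__main__":
    samples = [  # constructed inputs
        ("report.pdf", b"%PDF-1.7\n"),
        ("invoice.php.jpg", b"\xff\xd8\xff\xe0"),
        ("photo.jpg", b"<?php ?>"),
    ]
    for fname, data in samples:
        print(fname, validate_upload(fname, data)[:2])
```

Accepted files should additionally be stored in a directory the web server neither executes nor interprets as script.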
Affected Countries
Portugal, Spain, Italy, France, Germany
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2024-01-25T00:00:00.000Z
- Cisa Enriched: true
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 682d9818c4522896dcbd81b0
Added to database: 5/21/2025, 9:08:40 AM
Last enriched: 7/5/2025, 4:55:55 AM
Last updated: 7/28/2025, 9:44:48 PM