CVE-2024-28581 identifies a buffer overflow vulnerability in the FreeImage open-source library version 3.19.0 (revision 1909), specifically within the _assignPixel<>() function responsible for reading TARGA image files. The vulnerability arises due to improper bounds checking when assigning pixel data, which can lead to a stack-based buffer overflow (CWE-121). Exploitation requires local access but no privileges or user interaction, enabling an attacker to execute arbitrary code with the privileges of the affected process. The vulnerability affects confidentiality, integrity, and availability by potentially allowing code execution, data corruption, or denial of service. The CVSS v3.1 base score is 8.4, reflecting high severity with low attack complexity and no required privileges or user interaction. No patches or fixes are currently linked, and no known exploits have been observed in the wild. FreeImage is widely used in various software applications for image processing, including multimedia, graphics editing, and game development, making this vulnerability relevant to many organizations. The vulnerability's exploitation vector is local, meaning attackers must have access to the system, but the lack of required privileges lowers the barrier for exploitation once access is gained.

The vulnerability allows local attackers to execute arbitrary code, potentially leading to full system compromise depending on the privileges of the affected process. This can result in unauthorized data access, modification, or destruction, and disruption of services relying on FreeImage for image processing. Organizations using FreeImage in environments where users have local access, such as developer workstations, multimedia production systems, or embedded devices, face increased risk. The flaw could be leveraged in multi-user systems or combined with other vulnerabilities to escalate privileges or move laterally within networks. The absence of known exploits currently limits immediate widespread impact, but the high severity score and ease of exploitation suggest significant potential damage if weaponized. Industries processing TARGA images, including gaming, digital media, and certain industrial applications, are particularly vulnerable. The vulnerability also poses risks to software supply chains that incorporate FreeImage, potentially affecting downstream applications and services globally.

Since no official patches are currently available, organizations should implement immediate mitigations such as restricting local access to systems running FreeImage, especially limiting untrusted users from processing TARGA images. Employ strict input validation and sanitization for image files before processing to detect malformed or suspicious TARGA files. Use application whitelisting and behavior monitoring to detect anomalous execution patterns indicative of exploitation attempts. Consider isolating image processing tasks in sandboxed or containerized environments to limit potential damage from exploitation. Monitor system logs and security alerts for unusual activity related to FreeImage or image processing components. Stay updated with FreeImage project communications for forthcoming patches and apply them promptly once released. For developers, review and harden the image parsing code, potentially replacing or updating FreeImage with safer alternatives if feasible. Conduct regular security assessments and penetration testing focusing on local privilege escalation and code execution vectors involving image processing libraries.