CVE-2024-44623 is a vulnerability identified in TuomoKu SPx-GC version 1.3.0 and earlier, involving the child_process.js function. This vulnerability allows a remote attacker with local access to execute arbitrary code on the affected system. The root cause is related to CWE-94, which involves improper control over code generation, indicating that the application fails to properly sanitize or restrict code execution paths within the child_process.js module. The CVSS v3.1 score is 7.3, reflecting high severity with an attack vector classified as local (AV:L), low attack complexity (AC:L), no privileges required (PR:N), and no user interaction (UI:N). The scope is unchanged (S:U), with high impact on confidentiality (C:H), low impact on integrity (I:L), and low impact on availability (A:L). This suggests that successful exploitation could lead to significant data exposure but limited modification or denial of service. No patches or known exploits are currently available, emphasizing the need for proactive mitigation. The vulnerability is particularly dangerous in environments where local users or processes can be coerced or compromised to trigger the exploit, potentially leading to unauthorized code execution and data breaches.

The primary impact of CVE-2024-44623 is unauthorized code execution on systems running vulnerable versions of TuomoKu SPx-GC. This can lead to severe confidentiality breaches, as attackers may access sensitive data or escalate privileges. Although integrity and availability impacts are rated low, attackers could use this foothold to deploy further attacks or maintain persistence. Organizations relying on TuomoKu SPx-GC in critical infrastructure, development environments, or sensitive data processing are at risk of data leakage and potential lateral movement within networks. The local attack vector limits remote exploitation but increases the threat from insider attacks or compromised local accounts. The absence of known exploits currently reduces immediate risk but does not eliminate the potential for future weaponization. Overall, this vulnerability could facilitate targeted attacks against organizations with local access exposure, especially in environments with weak internal access controls.

To mitigate CVE-2024-44623, organizations should first verify if they are running TuomoKu SPx-GC version 1.3.0 or earlier and plan immediate upgrades once patches become available. In the absence of official patches, restrict local access to trusted users only and enforce strict access controls and monitoring on systems running the affected software. Employ application whitelisting to prevent unauthorized code execution and use runtime application self-protection (RASP) tools to detect anomalous child_process.js invocations. Conduct regular audits of local user privileges and implement multi-factor authentication to reduce the risk of compromised accounts. Network segmentation can limit lateral movement if exploitation occurs. Additionally, monitor logs for unusual process creation or execution patterns related to child_process.js. Engage with the vendor for timely updates and consider temporary compensating controls such as disabling vulnerable functionalities if feasible.