CVE-2024-7107: CWE-552 Files or Directories Accessible to External Parties in National Keep Cyber Security Services CyberMath
CVE-2024-7107 is a medium severity vulnerability in National Keep Cyber Security Services CyberMath that allows external parties to access files or directories that should not be publicly accessible. This vulnerability is categorized under CWE-552, indicating improper access control to files or directories. The issue affects versions of CyberMath before CYBM. 240816253. There is no official patch or remediation level provided yet, and no known exploits are reported in the wild. The vulnerability requires low privileges and local access to be exploited, with no user interaction needed. The vendor has not yet published a fix or advisory detailing remediation steps.
AI Analysis
Technical Summary
CVE-2024-7107 is a vulnerability in CyberMath by National Keep Cyber Security Services where files or directories are accessible to external parties, potentially allowing unauthorized data collection from common resource locations. It affects versions prior to CYBM.240816253. The CVSS 4.0 base score is 6.8 (medium severity), with an attack vector of local access and low attack complexity. The vulnerability does not require user interaction and has high confidentiality impact but no integrity or availability impact. No official patch or remediation guidance is currently available from the vendor.
Potential Impact
The vulnerability allows unauthorized external parties with local access and low privileges to collect data from files or directories that should be restricted. This could lead to confidentiality breaches of sensitive information stored in these locations. There is no indication of impact on integrity or availability. No known exploits are currently reported in the wild.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, restrict local access to CyberMath installations and sensitive directories to trusted users only. Monitor for any updates from National Keep Cyber Security Services regarding patches or mitigations.
CVE-2024-7107: CWE-552 Files or Directories Accessible to External Parties in National Keep Cyber Security Services CyberMath
Description
CVE-2024-7107 is a medium severity vulnerability in National Keep Cyber Security Services CyberMath that allows external parties to access files or directories that should not be publicly accessible. This vulnerability is categorized under CWE-552, indicating improper access control to files or directories. The issue affects versions of CyberMath before CYBM. 240816253. There is no official patch or remediation level provided yet, and no known exploits are reported in the wild. The vulnerability requires low privileges and local access to be exploited, with no user interaction needed. The vendor has not yet published a fix or advisory detailing remediation steps.
CVSS v4.0
Score 6.8medium
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2024-7107 is a vulnerability in CyberMath by National Keep Cyber Security Services where files or directories are accessible to external parties, potentially allowing unauthorized data collection from common resource locations. It affects versions prior to CYBM.240816253. The CVSS 4.0 base score is 6.8 (medium severity), with an attack vector of local access and low attack complexity. The vulnerability does not require user interaction and has high confidentiality impact but no integrity or availability impact. No official patch or remediation guidance is currently available from the vendor.
Potential Impact
The vulnerability allows unauthorized external parties with local access and low privileges to collect data from files or directories that should be restricted. This could lead to confidentiality breaches of sensitive information stored in these locations. There is no indication of impact on integrity or availability. No known exploits are currently reported in the wild.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, restrict local access to CyberMath installations and sensitive directories to trusted users only. Monitor for any updates from National Keep Cyber Security Services regarding patches or mitigations.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- TR-CERT
- Date Reserved
- 2024-07-25T13:01:03.362Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a2085e9e29bf47b50e5adb1
Added to database: 6/3/2026, 7:52:09 PM
Last enriched: 6/3/2026, 7:52:48 PM
Last updated: 6/4/2026, 4:57:49 AM
Views: 8
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.