CVE-2024-27730 – This vulnerability allows remote attackers to b... (How to Fix)

Q: What is the severity of CVE-2024-27730?

CVE-2024-27730 has a CVSS score of 9.8 (CRITICAL). This vulnerability allows remote attackers to bypass authorization checks in Friendica's calendar event feature, potentially accessing sensitive information and executing arbitrary code. All Friendica v.2023.12 installations with the calendar feature enabled are affected.

📋 TL;DR

This vulnerability allows remote attackers to bypass authorization checks in Friendica's calendar event feature, potentially accessing sensitive information and executing arbitrary code. All Friendica v.2023.12 installations with the calendar feature enabled are affected.

💻 Affected Systems

Products:

Friendica

Versions: v.2023.12

Operating Systems: All

Default Config Vulnerable: ⚠️ Yes

Notes: Requires calendar feature to be enabled (enabled by default in most configurations).

📦 What is this software?

Friendica by Friendica

View all CVEs affecting Friendica →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete system compromise, data exfiltration, and lateral movement within the network.

🟠

Likely Case

Unauthorized access to sensitive calendar data and potential privilege escalation within the Friendica application.

🟢

If Mitigated

Limited information disclosure if proper network segmentation and access controls are implemented.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires authenticated access but authorization bypass makes it accessible to low-privilege users.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v.2024.03 or later

Vendor Advisory: https://github.com/friendica/friendica/pull/13927

Restart Required: Yes

Instructions:

1. Backup your Friendica installation and database. 2. Update to Friendica v.2024.03 or later via git pull or package manager. 3. Run database updates if required. 4. Restart web server services.

🔧 Temporary Workarounds

Disable Calendar Feature

all

Temporarily disable the vulnerable calendar feature until patching is possible.

Edit config/local.config.php and add: $a->config['system']['disable_calendar'] = true;

🧯 If You Can't Patch

Implement strict network access controls to limit Friendica access to trusted users only.
Enable detailed logging and monitoring for unauthorized calendar event access attempts.

🔍 How to Verify

Check if Vulnerable:

Check Friendica version in admin panel or view source for version string. If version is exactly 2023.12, you are vulnerable.

Check Version:

grep -r "FRIENDICA_VERSION" /path/to/friendica/ or check admin dashboard

Verify Fix Applied:

Verify version is 2024.03 or later and test calendar event functionality with different user roles.

📡 Detection & Monitoring

Log Indicators:

Unusual calendar event access patterns
Multiple failed authorization attempts on calendar endpoints
Unexpected process execution from web server context

Network Indicators:

Unusual outbound connections from Friendica server
HTTP requests to calendar endpoints with unexpected cid parameters

SIEM Query:

source="friendica_logs" AND (uri="/calendar/" OR uri="/event/") AND (status=200 OR status=403) | stats count by src_ip, user

📊 Metadata

CVE ID: CVE-2024-27730

CVSS v3 Score: 9.8 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-639

Published: August 15, 2024

Last Updated: June 4, 2025

🔗 References

https://github.com/friendica/friendica/pull/13927 Issue Tracking,Patch
https://leo.oliver.nz/posts/2024/05/friendica-cve-disclosures/ Exploit,Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-27730, you might also want to check these: