CVE-2024-3460

7.4 HIGH

📋 TL;DR

This vulnerability in KioWare for Windows allows attackers to bypass the kiosk software's restrictions during a brief time window before automatic logout. By exploiting already-running external applications, attackers can launch arbitrary programs. This affects all KioWare for Windows versions through 8.34 when deployed in kiosk mode.

💻 Affected Systems

Products:
  • KioWare for Windows
Versions: All versions through 8.34
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Requires external applications left running when KioWare launches, attacker knowledge of the PIN, and the ability to slow the application down to extend the time window.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of the kiosk system allowing execution of malicious software, data theft, or system takeover.

🟠

Likely Case

Limited unauthorized application execution within the kiosk environment, potentially accessing restricted functions or data.

🟢

If Mitigated

Minimal impact with proper application isolation and monitoring controls in place.

🌐 Internet-Facing: MEDIUM - Kiosks are often internet-facing but require specific preconditions and attacker knowledge.
🏢 Internal Only: LOW - Internal kiosks have reduced attack surface and require physical access.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation requires multiple preconditions: knowledge of the PIN, the ability to slow the application down, and external applications already running.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version 8.35 or later

Vendor Advisory: https://www.kioware.com/

Restart Required: Yes

Instructions:

1. Download KioWare version 8.35 or later from the vendor website.
2. Install the update following vendor instructions.
3. Restart affected systems.

🔧 Temporary Workarounds

Application Isolation (Windows)

Ensure no external applications are running when KioWare launches: configure the system to close all applications before KioWare starts.

Session Timeout Reduction (Windows)

Reduce the automatic logout timer to minimize the exploit window: adjust the KioWare configuration to shorten the logout delay.

🧯 If You Can't Patch

  • Implement strict application whitelisting to prevent unauthorized program execution
  • Increase monitoring of kiosk systems for unusual activity or process creation

🔍 How to Verify

Check if Vulnerable:

Check KioWare version in application settings or About dialog

Check Version:

Check KioWare application interface for version information

Verify Fix Applied:

Confirm version is 8.35 or higher after update

📡 Detection & Monitoring

Log Indicators:

  • Unexpected process launches from kiosk sessions
  • Multiple rapid logout/login events

Network Indicators:

  • Unusual network connections originating from kiosk systems

SIEM Query:

Process creation events from kiosk systems outside expected application set
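The two indicators above (process launches outside the expected application set, and rapid logout/login churn) as an added Python example that is not from this page or the vendor; it runs over constructed records shaped like Windows Security events (4688 process creation, 4647 logoff), and the allowlist paths, host names, window and threshold are assumptions to tune per deployment.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Expected process set for the kiosk image (assumed; lowercase full paths).
KIOSK_ALLOWLIST = {
    r"c:\program files\kioware\kioware.exe",
    r"c:\windows\explorer.exe",
    r"c:\windows\system32\svchost.exe",
}

# Constructed sample events (not real telemetry): 4688 = process creation,
# 4647 = user-initiated logoff, 4624 = logon.
SAMPLE_EVENTS = [
    {"time": "2024-05-01T09:00:00", "host": "KIOSK-01", "id": 4688, "proc": r"C:\Program Files\KioWare\KioWare.exe"},
    {"time": "2024-05-01T09:00:07", "host": "KIOSK-01", "id": 4688, "proc": r"C:\Windows\System32\cmd.exe"},
    {"time": "2024-05-01T09:01:00", "host": "KIOSK-01", "id": 4647},
    {"time": "2024-05-01T09:01:05", "host": "KIOSK-01", "id": 4624},
    {"time": "2024-05-01T09:01:20", "host": "KIOSK-01", "id": 4647},
    {"time": "2024-05-01T09:01:25", "host": "KIOSK-01", "id": 4624},
    {"time": "2024-05-01T09:05:00", "host": "KIOSK-02", "id": 4688, "proc": r"C:\Windows\explorer.exe"},
]


def unexpected_processes(events, allowlist=KIOSK_ALLOWLIST):
    """Return (host, time, image) for 4688 events whose image is not allowlisted."""
    return [(e["host"], e["time"], e["proc"]) for e in events
            if e["id"] == 4688 and e["proc"].lower() not in allowlist]


def rapid_session_churn(events, window=timedelta(minutes=2), threshold=2):
    """Return {host: logoffs} for hosts with >= threshold logoffs inside any window."""
    logoffs = defaultdict(list)
    for e in events:
        if e["id"] == 4647:
            logoffs[e["host"]].append(datetime.fromisoformat(e["time"]))
    flagged = {}
    for host, times in logoffs.items():
        times.sort()
        # Sliding window anchored at each logoff: count logoffs within `window` of it.
        best = max(sum(1 for t in times[i:] if t - start <= window)
                   for i, start in enumerate(times))
        if best >= threshold:
            flagged[host] = best
    return flagged


if __name__ == "__main__":
    print(unexpected_processes(SAMPLE_EVENTS))
    print(rapid_session_churn(SAMPLE_EVENTS))
```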
