PatchSiren

PatchSiren cyber security CVE debrief

CVE-2024-10930 Carrier CVE debrief

CVE-2024-10930 affects Carrier Block Load and is described as a DLL hijacking issue that could let a malicious actor execute arbitrary code with escalated privileges. CISA's advisory ICSA-25-063-01, initially published on 2025-03-04, identifies the affected Carrier Block Load versions as v4.10 up to but not including v4.16, and Carrier recommends upgrading to v4.2 or later. Note that "v4.2" sorts below "v4.10" under ordinary dotted-version comparison (4.2 versus 4.20 as a decimal), so confirm the exact fixed version string against Carrier's guidance before treating an installation as remediated.

Vendor
Carrier
Product
Block Load
CVSS
HIGH 7.8
CISA KEV
Not listed in stored evidence
Original CVE published
2025-02-20
Original CVE updated
2025-02-20
Advisory published
2025-02-20
Advisory updated
2025-02-20

Who should care

Administrators, integrators, and operators running Carrier Block Load in industrial/OT environments, especially systems in the affected version range. Security teams responsible for endpoint controls, software allowlisting, and patch management should also review exposure.

Technical summary

The advisory describes a DLL hijacking weakness in Carrier Block Load that can be abused to load a malicious library and achieve arbitrary code execution with escalated privileges. The published CVSS 3.1 vector is AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H: local attack vector, low attack complexity, no privileges required, user interaction required, unchanged scope, and high impact on confidentiality, integrity, and availability. In practice that means an attacker who can place a file on the host (no prior privileges needed) still depends on a user launching or using the application, but once the planted library is loaded the code runs with the application's privileges.

Defensive priority

High. Although exploitation requires local access and user interaction, it requires no prior privileges, and the consequence is arbitrary code execution at the application's privilege level on hosts running Carrier Block Load, which is especially significant in industrial control environments.

Recommended defensive actions

  • Upgrade Carrier Block Load to v4.2 or later, per Carrier's remediation guidance; confirm the exact fixed version string with Carrier, since "v4.2" sorts below the affected range under dotted-version ordering and a naive version check would misclassify it.
  • Inventory installations to confirm whether any instance falls within the affected version range identified in the CSAF advisory (v4.10 to before v4.16).
  • Restrict local user access and apply least-privilege principles on hosts running Carrier Block Load.
  • Use application allowlisting and software integrity controls to reduce DLL hijacking risk.
  • Monitor for DLLs loaded by the Block Load process from outside its install directory and the Windows system directories, for unsigned libraries loaded by it, and for file writes into the application directory (Sysmon Event ID 7 image-load and Event ID 11 file-create telemetry cover both).
  • Review CISA’s ICS recommended practices and Carrier’s product security advisory for environment-specific hardening guidance.
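The two checks below are example code added for this debrief, not Carrier's or CISA's tooling: a version classifier for the inventory step that surfaces the v4.2 versus v4.16 ordering problem, and a triage routine over Sysmon Event ID 7 records for the monitoring step. The executable name BlockLoad.exe, the install directory, the illustrative set of commonly planted system-DLL names, and the sample events are all assumptions constructed for the example; only the affected range comes from the advisory.

```python
"""Checks for two items in the remediation list above: classifying an
installed Block Load version against the advisory's affected range, and
triaging Sysmon Event ID 7 (image load) records for DLL-hijack indicators.
Example code written for this debrief, not Carrier's or CISA's. Assumptions
(not from the advisory): the executable name BlockLoad.exe, the install
directory, the illustrative system-DLL name set, and the sample events."""
from pathlib import PureWindowsPath

AFFECTED_LOW = (4, 10)    # inclusive: "v4.10" per ICSA-25-063-01
AFFECTED_HIGH = (4, 16)   # exclusive: "before v4.16"


def parse_version(text: str) -> tuple:
    """'v4.12' -> (4, 12). Dotted ordering compares components as integers,
    so 'v4.2' sorts BELOW 'v4.10' even though 4.2 > 4.16 read as decimals."""
    return tuple(int(p) for p in text.strip().lower().lstrip("v").split("."))


def classify_version(text: str) -> str:
    """'affected' inside [4.10, 4.16); otherwise which side of the range."""
    v = parse_version(text)
    if AFFECTED_LOW <= v < AFFECTED_HIGH:
        return "affected"
    return "below-range" if v < AFFECTED_LOW else "at-or-above-4.16"


def fix_version_orders_after_range(fixed: str) -> dict:
    """Does the vendor's 'upgrade to <fixed> or later' actually sort above
    the affected range? Reported under both readings so a string such as
    'v4.2' is flagged for manual confirmation instead of silently passing."""
    bare = fixed.strip().lower().lstrip("v")
    return {
        "dotted": parse_version(bare) >= AFFECTED_HIGH,
        "decimal": float(bare) >= float("%d.%d" % AFFECTED_HIGH),
    }


# --- Sysmon Event ID 7 triage -------------------------------------------
INSTALL_DIR = r"C:\Program Files (x86)\Carrier\Block Load"  # assumed path
APP_IMAGE = INSTALL_DIR + r"\BlockLoad.exe"                 # assumed exe name
SYSTEM_DIRS = (r"C:\Windows\System32", r"C:\Windows\SysWOW64", r"C:\Windows\WinSxS")
# Illustrative names of Windows DLLs that are commonly planted beside an
# application binary to win the DLL search order; extend from your own baseline.
SYSTEM_DLL_NAMES = {"version.dll", "cryptsp.dll", "dwmapi.dll", "uxtheme.dll", "profapi.dll"}

# Constructed sample events, using Sysmon's own field names for Event ID 7.
SAMPLE_EVENTS = [
    {"EventID": 7, "Image": APP_IMAGE, "ImageLoaded": r"C:\Windows\SysWOW64\version.dll",
     "Signed": "true", "SignatureStatus": "Valid"},
    {"EventID": 7, "Image": APP_IMAGE, "ImageLoaded": INSTALL_DIR + r"\version.dll",
     "Signed": "false", "SignatureStatus": "Unavailable"},
    {"EventID": 7, "Image": APP_IMAGE, "ImageLoaded": r"C:\Users\op\AppData\Local\Temp\helper.dll",
     "Signed": "false", "SignatureStatus": "Unavailable"},
    {"EventID": 7, "Image": r"C:\Windows\explorer.exe", "ImageLoaded": r"C:\Windows\System32\shell32.dll",
     "Signed": "true", "SignatureStatus": "Valid"},
]


def _under(path: str, root: str) -> bool:
    """True if path is root or lies beneath it (PureWindowsPath compares
    case-insensitively, matching NTFS behaviour)."""
    p, r = PureWindowsPath(path), PureWindowsPath(root)
    return p == r or r in p.parents


def triage_image_loads(events, app_image=APP_IMAGE, install_dir=INSTALL_DIR):
    """Return [(ImageLoaded, (reason, ...)), ...] for libraries loaded by the
    application that warrant a look: unsigned or not validly signed, loaded
    from outside the install and Windows system directories, or a system-DLL
    name sitting in the application directory (the classic hijack placement)."""
    findings = []
    for ev in events:
        if ev.get("EventID") != 7 or PureWindowsPath(ev["Image"]) != PureWindowsPath(app_image):
            continue
        loaded = ev["ImageLoaded"]
        reasons = []
        if ev.get("Signed", "").lower() != "true" or ev.get("SignatureStatus") != "Valid":
            reasons.append("unsigned-or-invalid-signature")
        in_install = _under(loaded, install_dir)
        if not in_install and not any(_under(loaded, d) for d in SYSTEM_DIRS):
            reasons.append("outside-install-and-system-dirs")
        if in_install and PureWindowsPath(loaded).name.lower() in SYSTEM_DLL_NAMES:
            reasons.append("system-dll-name-in-app-dir")
        if reasons:
            findings.append((loaded, tuple(reasons)))
    return findings


if __name__ == "__main__":
    for v in ("v4.09", "v4.10", "v4.15", "v4.16", "v4.2"):
        print(v, classify_version(v))
    print("v4.2 sorts after the affected range?", fix_version_orders_after_range("v4.2"))
    for path, why in triage_image_loads(SAMPLE_EVENTS):
        print(path, "->", ", ".join(why))
```

On a real host, feed triage_image_loads records pulled from the Microsoft-Windows-Sysmon/Operational log (Event ID 7 carries the Image, ImageLoaded, Signed and SignatureStatus fields used here) and set APP_IMAGE from whatever the inventory step finds on disk. The version functions show why the remediation string needs manual confirmation: under dotted ordering "v4.2" lands below the affected range, so a script that trusts it blindly would report a v4.2 host as "below-range" rather than fixed, and a check written as "version >= 4.2" would wrongly clear every affected 4.10 to 4.15 install.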

Evidence notes

All core findings are taken from the supplied CISA CSAF advisory ICSA-25-063-01 and the linked Carrier remediation guidance. The source lists the affected product as Carrier Block Load, states the issue could allow DLL hijacking and arbitrary code execution with escalated privileges, provides the affected version range, and recommends upgrading to v4.2 or later. No exploit details or unverified impact claims were added.

Official resources

CISA initially published the advisory and CSAF for CVE-2024-10930 on 2025-03-04 as ICSA-25-063-01; the "063" in the identifier is the day of the year, which matches 4 March 2025.