PatchSiren

CVE-2024-22774 Panoramic Corporation CVE debrief

CVE-2024-22774 affects Panoramic Corporation Digital Imaging Software and is described by CISA as a DLL hijacking issue that may allow a standard user to obtain NT AUTHORITY/SYSTEM. The advisory was published on 2025-07-17, and the source notes that Panoramic did not provide a specific mitigation; affected users are directed to contact support and apply defensive hardening measures.

Vendor: Panoramic Corporation
Product: Digital Imaging Software
CVSS: HIGH 7.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-07-17
Original CVE updated: 2025-07-17
Advisory published: 2025-07-17
Advisory updated: 2025-07-17

Who should care

Organizations running Panoramic Corporation Digital Imaging Software, especially Windows administrators, security teams, and operators responsible for endpoint hardening and privilege management.

Technical summary

The advisory describes a local DLL hijacking weakness in Digital Imaging Software. The supplied CVSS vector indicates low-privilege, no-user-interaction local exploitation with high impacts to confidentiality, integrity, and availability. The source also states the vulnerable functionality is tied to an SDK component owned by Oy Ajat Ltd. that is no longer supported, and Panoramic did not recommend a product-specific mitigation.

Defensive priority

High. The issue can turn a standard user into NT AUTHORITY/SYSTEM on affected systems, which materially increases local takeover risk even though the attack is local and requires prior access to the host.

Recommended defensive actions

  • Inventory all systems running Panoramic Corporation Digital Imaging Software and identify the specific product instances affected.
  • Contact Panoramic Corporation support for product-specific guidance and any available update or replacement path.
  • Apply least-privilege controls on affected hosts and restrict standard users from modifying application directories or DLL search locations.
  • Review Windows application hardening and DLL loading protections to reduce DLL hijacking risk.
  • Follow CISA industrial control system defensive guidance and defense-in-depth practices for segmentation, access control, and system monitoring.
  • Monitor affected hosts for unexpected DLL loads, privilege elevation events, and changes in application directories or service execution behavior.
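
One way to check the directory-permission action above, as an added example that is not taken from the CISA advisory or from Panoramic: a PowerShell audit that lists directories in the application tree and on the machine-wide PATH where a principal outside a trusted set can create files or rewrite the ACL. The install path is a placeholder because the page does not give one, and the trusted-SID list and access-mask bits are this example's assumptions.

```powershell
# Added example: list directories a DLL could be loaded from that grant write
# access to principals outside a trusted set. Run from an elevated prompt.
param([string]$AppDir = 'C:\Path\To\DigitalImagingSoftware')  # placeholder path

# Principals allowed to write (this example's choice; adjust to local policy).
$trusted = @(
    'S-1-5-18',      # NT AUTHORITY\SYSTEM
    'S-1-5-32-544',  # BUILTIN\Administrators
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'  # TrustedInstaller
)

# Access-mask bits that allow planting a file or rewriting the ACL:
# CreateFiles 0x2, CreateDirectories 0x4, WriteDAC 0x40000, WriteOwner 0x80000,
# GENERIC_ALL 0x10000000, GENERIC_WRITE 0x40000000.
$writeBits = 0x2 -bor 0x4 -bor 0x40000 -bor 0x80000 -bor 0x10000000 -bor 0x40000000
$inheritOnly = [int][System.Security.AccessControl.PropagationFlags]::InheritOnly
$sidType = [System.Security.Principal.SecurityIdentifier]

function Get-WritableByUntrusted {
    param([string[]]$Path)
    foreach ($dir in $Path) {
        if (-not (Test-Path -LiteralPath $dir -PathType Container)) {
            # Listed in a search location but absent: report for manual review.
            [pscustomobject]@{ Directory = $dir; Principal = '(missing)'; Rights = $null }
            continue
        }
        $acl = Get-Acl -LiteralPath $dir
        foreach ($ace in $acl.GetAccessRules($true, $true, $sidType)) {
            if ($ace.AccessControlType -ne 'Allow') { continue }
            # Inherit-only entries apply to children, which are checked themselves.
            if (([int]$ace.PropagationFlags -band $inheritOnly) -ne 0) { continue }
            if ($trusted -contains $ace.IdentityReference.Value) { continue }
            if (([int]$ace.FileSystemRights -band $writeBits) -eq 0) { continue }
            [pscustomobject]@{
                Directory = $dir
                Principal = $ace.IdentityReference.Value
                Rights    = $ace.FileSystemRights
            }
        }
    }
}

# Application directory tree plus every directory on the machine-wide PATH.
$dirs = @($AppDir) +
    @(Get-ChildItem -LiteralPath $AppDir -Directory -Recurse -ErrorAction SilentlyContinue |
        ForEach-Object { $_.FullName }) +
    @([Environment]::GetEnvironmentVariable('Path', 'Machine') -split ';' | Where-Object { $_ })
Get-WritableByUntrusted -Path ($dirs | Select-Object -Unique) | Format-Table -AutoSize
```

Any row naming a SID such as `S-1-5-32-545` (BUILTIN\Users) or `S-1-5-11` (Authenticated Users) marks a directory whose ACL should be tightened.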

Evidence notes

CISA CSAF advisory ICSMA-25-198-01 states: "The affected product is vulnerable to DLL hijacking, which may allow an attacker to obtain NT Authority/SYSTEM as a standard user." The same source says the vulnerable SDK component is owned by Oy Ajat Ltd. and is no longer supported, and that Panoramic did not recommend any specific mitigation. The advisory and related reference materials were published on 2025-07-17.

Official resources

Publicly disclosed by CISA in advisory ICSMA-25-198-01 on 2025-07-17. The supplied enrichment does not indicate Known Exploited Vulnerabilities (KEV) listing.