Today we published a medium rated CVE: CVE-2024-6364 to MITRE. This vulnerability applies to Windows devices with older firmware versions where no Absolute Persistence Software has been activated. This CVE is not present on devices with Absolute Persistence Module 2.8 or higher. Exploiting this vulnerability requires both physical access to the device, and hostile network control. There are no known exploits, and remediation options are available.

Key Facts:

CVE-2024-6364 is not present on Windows devices with Absolute Persistence Module versions 2.8 or higher.
Exploiting this CVE requires both physical access to the device and hostile network control.
Absolute Security continuously works with its device manufacturers to support BIOS updates and upgrades to ensure the latest firmware versions are available.