CVE-2024-22774

HIGH

Panoramic Corporation Digital Imaging Software <9.1.2.7600 - Privil...

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-22774. PoCs published by Gray-0men.

AI-analyzed exploit summary This repository provides a detailed technical analysis of CVE-2024-22774, a privilege escalation vulnerability in Panoramic Dental Imaging Software 9.1.2.7600. The vulnerability involves a phantom DLL hijacking in a user-writable directory, allowing execution with SYSTEM privileges.

Description

An issue in Panoramic Corporation Digital Imaging Software v.9.1.2.7600 allows a local attacker to escalate privileges via the ccsservice.exe component.

Exploits (1)

nomisec WRITEUP 1 stars
by Gray-0men · poc
https://github.com/Gray-0men/CVE-2024-22774

This repository provides a detailed technical analysis of CVE-2024-22774, a privilege escalation vulnerability in Panoramic Dental Imaging Software 9.1.2.7600. The vulnerability involves a phantom DLL hijacking in a user-writable directory, allowing execution with SYSTEM privileges.

Classification
Writeup 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: Panoramic Dental Imaging Software 9.1.2.7600
No auth needed
Prerequisites: Access to a user account on the target system · Ability to write to C:\ProgramData\Ajat\panoramic\datastor\ · Restart of the system or CCS Service
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (5)

Core 5

Scores

CVSS v3 7.8
EPSS 0.0049
EPSS Percentile 38.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-269
Status published
Published May 14, 2024
Tracked Since Feb 18, 2026