CVE-2024-53522

HIGH

Bangkok Medical Software HOSxP XE <4.64.11.3 - Info Disclosure

Title source: llm
Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-53522. PoCs published by Safecloudth.

AI-analyzed exploit summary: This PowerShell script decrypts sensitive data from HOS-WIN32.INI using a hard-coded cryptographic key in HOSxP XE. It implements the IDEA Cipher in CBC mode to extract and decrypt configuration data.

Description

Bangkok Medical Software HOSxP XE v4.64.11.3 was discovered to contain a hardcoded IDEA Key-IV pair in the HOSxPXE4.exe and HOS-WIN32.INI components. This allows attackers to access sensitive information.

Exploits (1)

nomisec WORKING POC 3 stars
by Safecloudth · poc
https://github.com/Safecloudth/CVE-2024-53522

Classification: Working PoC 95%
Attack Type: Info Leak
Complexity: Moderate
Reliability: Reliable
Target: HOSxP XE version 4.64.11.3
No auth needed
Prerequisites: Access to the HOS-WIN32.INI file (default path: C:\ProgramData\HOS-WIN32.INI)
devstral-2 · analyzed Feb 16, 2026

References (4)

Core References
Various Sources: http://bangkok.com
Various Sources: http://hosxp.com
Various Sources: http://hosxp.net

Scores

CVSS v3 7.5
EPSS 0.0084
EPSS Percentile 52.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

CWE CWE-331
Status published
Published Jan 07, 2025
Tracked Since Feb 18, 2026