CVE-2024-27773

EPSS 0.36%
Veröffentlicht 18.03.2024 14:15:09
Zuletzt bearbeitet 10.03.2025 19:15:52
Quelle cna@cyber.gov.il
CVE-Watchlists
Login
Unerledigt
Login

Unitronics Unistream Unilogic – Versions prior to 1.35.227 CWE-348: Use of Less Trusted Source

Unitronics Unistream Unilogic – Versions prior to 1.35.227 -

CWE-348: Use of Less Trusted Source may allow RCE

Betroffene Produkte Warnungen 0 Metriken 3 CWE 2 Referenzen 5

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Unitronics ≫ Unilogic Version < 1.35.227

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.36%	0.272

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cna@cyber.gov.il	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-345 Insufficient Verification of Data Authenticity

The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.

CWE-348 Use of Less Trusted Source

The product has two different sources of the same data or information, but it uses the source that has less support for verification, is less trusted, or is less resistant to attack.

https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0

Third Party Advisory

https://claroty.com/team82/blog/new-critical-vulnerabilities-in-unitronics-unistream-devices-uncovered

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-27773

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-27773

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-27773

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2024-27773