CVE-2024-27773

EPSS 0.08%
Veröffentlicht 18.03.2024 14:15:09
Zuletzt bearbeitet 10.03.2025 19:15:52
Quelle cna@cyber.gov.il
CVE-Watchlists
Login
Unerledigt
Login

Unitronics Unistream Unilogic – Versions prior to 1.35.227 -

CWE-348: Use of Less Trusted Source may allow RCE

Betroffene Produkte Warnungen 0 Metriken 3 CWE 2 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Unitronics ≫ Unilogic Version < 1.35.227

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.08%	0.246

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cna@cyber.gov.il	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-345 Insufficient Verification of Data Authenticity

The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.

CWE-348 Use of Less Trusted Source

The product has two different sources of the same data or information, but it uses the source that has less support for verification, is less trusted, or is less resistant to attack.

https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0

Third Party Advisory

https://claroty.com/team82/blog/new-critical-vulnerabilities-in-unitronics-unistream-devices-uncovered

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-27773

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-27773

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-27773

EUVD