6.5
CVE-2024-6758
- EPSS 0.44%
- Veröffentlicht 12.08.2024 13:38:40
- Zuletzt bearbeitet 22.08.2025 09:15:33
- Quelle info@cert.vde.com
- CVE-Watchlists
- Unerledigt
LoginImproper Privilege Management vulnerability in Sprecher Automation SPRECON-E
Improper Privilege Management in Sprecher Automation SPRECON-E below version 8.71j allows a remote attacker with low privileges to save unauthorized protection assignments.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Sprecher-automation ≫ Sprecon-e Cp-2500 Firmware Version < 8.71j
Sprecher-automation ≫ Sprecon-e-p Dd6-2 Firmware Version < 8.71j
Sprecher-automation ≫ Sprecon-e-c Firmware Version < 8.71j
Sprecher-automation ≫ Sprecon-e Ap-2200 Firmware Version < 8.71j
Sprecher-automation ≫ Sprecon-e Cp-2131 Firmware Version < 8.71j
Sprecher-automation ≫ Sprecon-e Cp-2330 Firmware Version < 8.71j
Sprecher-automation ≫ Sprecon-e-p Dq6-1 Firmware Version < 8.71j
Sprecher-automation ≫ Sprecon-e-p Dl6-1 Firmware Version < 8.71j
Sprecher-automation ≫ Sprecon-e-p Ds6-0 Firmware Version < 8.71j
Sprecher-automation ≫ Sprecon-edir Firmware Version < 8.71j
Sprecher-automation ≫ Sprecon-e-t3 Firmware Version < 8.71j
Sprecher-automation ≫ Sprecon-e-t3 Ax-3110 Firmware Version < 8.71j
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.44% | 0.35 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| info@cert.vde.com | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
|
CWE-266 Incorrect Privilege Assignment
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
https://www.sprecher-automation.com/fileadmin/itSecurity/PDF/SPR-2407171_de.pdf