7.5
CVE-2024-8933
- EPSS 0.06%
- Veröffentlicht 13.11.2024 04:15:05
- Zuletzt bearbeitet 13.11.2024 17:01:16
- Quelle cybersecurity@se.com
- Teams Watchlist Login
- Unerledigt Login
CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability exists that could cause retrieval of password hash that could lead to denial of service and loss of confidentiality and integrity of controllers. To be successful, the attacker needs to inject themself inside the logical network while a valid user uploads or downloads a project file into the controller.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. Login
Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
Herstellerschneider-electric
≫
Produkt
modicon_m340
Default Statusunknown
Version <
*
Version
0
Status
affected
Herstellerschneider-electric
≫
Produkt
modicon_mc80
Default Statusunknown
Version <
*
Version
0
Status
affected
Herstellerschneider-electric
≫
Produkt
modicon_momentum_unity_m1e_processor
Default Statusunknown
Version <
*
Version
0
Status
affected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.06% | 0.204 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| cybersecurity@se.com | 7.5 | 0 | 0 |
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| cybersecurity@se.com | 7.5 | 1.6 | 5.9 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-924 Improper Enforcement of Message Integrity During Transmission in a Communication Channel
The product establishes a communication channel with an endpoint and receives a message from that endpoint, but it does not sufficiently ensure that the message was not modified during transmission.