CVE-2024-45273
Essential information
- Published
- 15/10/2024 11:15
- Modified
- 17/10/2024 17:41
- Author
- —
- Creator
- —
- CVSS
- 7.8 HIGH (v3.1)
- CISA KEV
- No
- CWE
- —
- CVSS vector
-
—
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H—
CVSS metrics
- Access vector
- —
- Access complexity
- —
- Authentication
- —
- Confidentiality impact
- —
- Integrity impact
- —
- Availability impact
- —
- Exploitability
- —
- Remediation level
- —
- Report confidence
- —
- Temporal score
- —
- Attack vector
- LOCAL
- Attack complexity
- LOW
- Privileges required
- LOW
- User interaction
- NONE
- Scope
- UNCHANGED
- Confidentiality impact
- HIGH
- Integrity impact
- HIGH
- Availability impact
- HIGH
- Exploit code maturity
- —
- Remediation level
- —
- Report confidence
- —
- Temporal score
- —
- Attack vector
- —
- Attack complexity
- —
- Attack requirements
- —
- Privileges required
- —
- User interaction
- —
- Confidentiality (V)
- —
- Confidentiality (S)
- —
- Integrity (V)
- —
- Integrity (S)
- —
- Availability (V)
- —
- Availability (S)
- —
- Exploit maturity
- —
Description
An unauthenticated local attacker can decrypt the devices config file and therefore compromise the device due to a weak implementation of the encryption used.
NVD status
- Status
- Analyzed — CVE has been recently published to the CVE List and has been received by the NVD.
- Source
- [email protected]
- NVD
- View on NVD
Affected products (CPE)
| Product | CPE |
|---|---|
| mbconnectline / mbnet.mini firmware | cpe:2.3:o:mbconnectline:mbnet.mini_firmware:*:*:*:*:*:*:*:* |
| mbconnectline / mbnet.mini | cpe:2.3:h:mbconnectline:mbnet.mini:-:*:*:*:*:*:*:* |
| helmholz / myrex24 v2 virtual server | cpe:2.3:a:helmholz:myrex24_v2_virtual_server:*:*:*:*:*:*:*:* |
| helmholz / rex 300 firmware | cpe:2.3:o:helmholz:rex_300_firmware:*:*:*:*:*:*:*:* |
| helmholz / rex 300 | cpe:2.3:h:helmholz:rex_300:-:*:*:*:*:*:*:* |
| helmholz / rex 200 firmware | cpe:2.3:o:helmholz:rex_200_firmware:*:*:*:*:*:*:*:* |
| helmholz / rex 200 | cpe:2.3:h:helmholz:rex_200:-:*:*:*:*:*:*:* |
| helmholz / rex 250 firmware | cpe:2.3:o:helmholz:rex_250_firmware:*:*:*:*:*:*:*:* |
| helmholz / rex 250 | cpe:2.3:h:helmholz:rex_250:-:*:*:*:*:*:*:* |
| helmholz / rex 100 firmware | cpe:2.3:o:helmholz:rex_100_firmware:*:*:*:*:*:*:*:* |
| helmholz / rex 100 | cpe:2.3:h:helmholz:rex_100:-:*:*:*:*:*:*:* |
| mbconnectline / mbconnect24 | cpe:2.3:a:mbconnectline:mbconnect24:*:*:*:*:*:*:*:* |
| mbconnectline / mymbconnect24 | cpe:2.3:a:mbconnectline:mymbconnect24:*:*:*:*:*:*:*:* |
| mbconnectline / mbspider mdh 905 firmware | cpe:2.3:o:mbconnectline:mbspider_mdh_905_firmware:*:*:*:*:*:*:*:* |
| mbconnectline / mbspider mdh 905 | cpe:2.3:h:mbconnectline:mbspider_mdh_905:-:*:*:*:*:*:*:* |
| mbconnectline / mbspider mdh 915 firmware | cpe:2.3:o:mbconnectline:mbspider_mdh_915_firmware:*:*:*:*:*:*:*:* |
| mbconnectline / mbspider mdh 915 | cpe:2.3:h:mbconnectline:mbspider_mdh_915:-:*:*:*:*:*:*:* |
| mbconnectline / mbspider mdh 906 firmware | cpe:2.3:o:mbconnectline:mbspider_mdh_906_firmware:*:*:*:*:*:*:*:* |
| mbconnectline / mbspider mdh 906 | cpe:2.3:h:mbconnectline:mbspider_mdh_906:-:*:*:*:*:*:*:* |
| mbconnectline / mbspider mdh 916 firmware | cpe:2.3:o:mbconnectline:mbspider_mdh_916_firmware:*:*:*:*:*:*:*:* |
| mbconnectline / mbspider mdh 916 | cpe:2.3:h:mbconnectline:mbspider_mdh_916:-:*:*:*:*:*:*:* |
| mbconnectline / mbnet hw1 firmware | cpe:2.3:o:mbconnectline:mbnet_hw1_firmware:*:*:*:*:*:*:*:* |
| mbconnectline / mbnet hw1 | cpe:2.3:h:mbconnectline:mbnet_hw1:-:*:*:*:*:*:*:* |
| mbconnectline / mbnet firmware | cpe:2.3:o:mbconnectline:mbnet_firmware:*:*:*:*:*:*:*:* |
| mbconnectline / mbnet | cpe:2.3:h:mbconnectline:mbnet:-:*:*:*:*:*:*:* |
| mbconnectline / mbnet.rokey firmware | cpe:2.3:o:mbconnectline:mbnet.rokey_firmware:*:*:*:*:*:*:*:* |
| mbconnectline / mbnet.rokey | cpe:2.3:h:mbconnectline:mbnet.rokey:-:*:*:*:*:*:*:* |