CVE-2024-27946
CVE-2024-27946
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.5EPSS 0.9%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
14 May 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). Downloading files overwrites files with the same name in the
installation directory of the affected systems. The filename for
the target file can be specified, thus arbitrary files can be
overwritten by an attacker with the required privileges.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C
Affected products
Siemens · RUGGEDCOM CROSSBOWWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →