← volver
CVE-2024-45370

CVE-2024-45370

CVSS 7.3 HIGHEPSS 0.1%CWE-302
An authentication bypass vulnerability exists in the User profile management functionality of Socomec Easy Config System 2.6.1.0. A specially crafted database record can lead to unauthorized access. An attacker can modify a local database to trigger this vulnerability.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N
Productos afectados
Socomec · Easy Config System

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://talosintelligence.com/vulnerability_reports/TALOS-2024-2117https://www.socomec.fr/sites/default/files/2025-11/CVE-2024-45370---ECS-2610---CVSS31_VULNERABILITIES_2025-11-19-09-45-29_English_PLURI_3.pdfhttps://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2117