CVE-2024-8419

Improper Access Control vulnerability in AC4xxS devices

CVSS 7.5 HIGHEPSS 0.4%CWE-306

The endpoint hosts a script that allows an unauthorized remote attacker to put the system in a fail-safe state over the network due to missing authentication.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Productos afectados

ifm electronic GmbH · ifm Smart PLC AC402s ifm electronic GmbH · ifm Smart PLC AC422s ifm electronic GmbH · ifm Smart PLC AC424s ifm electronic GmbH · ifm Smart PLC AC432s ifm electronic GmbH · ifm Smart PLC AC434s

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://cert.vde.com/en/advisories/VDE-2024-061