CVE-2024-43812

Kieback&Peter DDC4000 Series Path Traversal Insufficiently Protected Credentials

CVSS 8.6 HIGHEPSS 0.2%CWE-522

Kieback & Peter's DDC4000 series has an insufficiently protected credentials vulnerability, which may allow an unauthenticated attacker with access to /etc/passwd to read the password hashes of all users on the system.

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Produtos afetados

Kieback&Peter · DDC4002 Kieback&Peter · DDC4002e Kieback&Peter · DDC4020e Kieback&Peter · DDC4040e Kieback&Peter · DDC4100 Kieback&Peter · DDC4200 Kieback&Peter · DDC4200e Kieback&Peter · DDC4200-L Kieback&Peter · DDC4400 Kieback&Peter · DDC4400e

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.cisa.gov/news-events/ics-advisories/icsa-24-291-05