CVE-2024-11861 | THREATINT

Description

EnerSys AMPA 22.09 and prior versions are vulnerable to command injection leading to privileged remote shell access.

PUBLISHED Reserved 2024-11-27 | Published 2025-05-09 | Updated 2025-05-12 | Assigner Mandiant

Problem types

CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')

Product status

Default status

affected

Any version

affected

22.10 (custom)

unaffected

References

github.com/...Disclosures/blob/master/2025/MNDT-2025-0001.md third-party-advisory

www.enersys.com/...rate/cve/enersys_cve-2024-11861-final.pdf vendor-advisory

cve.org (CVE-2024-11861)

nvd.nist.gov (CVE-2024-11861)

Download JSON

help @ threatint.eu