CVE-2024-6421

Description

An unauthenticated remote attacker can read out sensitive device information through a incorrectly configured FTP service.

PUBLISHED Reserved 2024-07-01 | Published 2024-07-10 | Updated 2025-08-22 | Assigner CERTVDE

Problem types

CWE-552 Files or Directories Accessible to External Parties

Product status

Credits

BMW AG reporter

References

cert.vde.com/en/advisories/VDE-2024-038

cert.vde.com/en/advisories/VDE-2024-038

cve.org (CVE-2024-6421)

nvd.nist.gov (CVE-2024-6421)

Download JSON