CVE-2024-8419 | THREATINT

Description

The endpoint hosts a script that allows an unauthorized remote attacker to put the system in a fail-safe state over the network due to missing authentication.

PUBLISHED Reserved 2024-09-04 | Published 2025-06-30 | Updated 2026-02-16 | Assigner CERTVDE

HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Problem types

CWE-306 Missing Authentication for Critical Function

Product status

Default status

unaffected

4.04 (semver) before 4.3.17

affected

6.1.8

affected

Default status

unaffected

4.04 (semver) before 4.3.17

affected

6.1.8

affected

Default status

unaffected

4.04 (semver) before 4.3.17

affected

6.1.8

affected

Default status

unaffected

4.04 (semver) before 4.3.17

affected

6.1.8

affected

Default status

unaffected

4.04 (semver) before 4.3.17

affected

6.1.8

affected

Credits

Dmytro Kryhin finder

National Technical University of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute” reporter

References

cert.vde.com/en/advisories/VDE-2024-061

cve.org (CVE-2024-8419)

nvd.nist.gov (CVE-2024-8419)

Download JSON