CVE-2024-22894

{"id": "CVE-2024-22894", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.9}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.9}]}, "published": "2024-01-30T10:15:09.833", "references": [{"url": "https://github.com/Jaarden/AlphaInnotec-Password-Vulnerability/", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/Jaarden/CVE-2024-22894", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-326"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-326"}]}], "descriptions": [{"lang": "en", "value": "An issue fixed in AIT-Deutschland Alpha Innotec Heatpumps V2.88.3 or later, V3.89.0 or later, V4.81.3 or later and Novelan Heatpumps V2.88.3 or later, V3.89.0 or later, V4.81.3 or later, allows remote attackers to execute arbitrary code via the password component in the shadow file."}, {"lang": "es", "value": "Un problema en AIT-Deutschland Alpha Innotec Heatpumps wp2reg-V.3.88.0-9015 y Novelan Heatpumps wp2reg-V.3.88.0-9015 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s del componente de contrase\u00f1a en el archivo sombra."}], "lastModified": "2024-08-29T20:36:06.063", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:alpha-innotec:heat_pumps_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0748DE3E-9C10-4E55-9CE2-2FC142C70AA2", "versionEndExcluding": "2.88.3"}, {"criteria": "cpe:2.3:o:alpha-innotec:heat_pumps_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1AB21F68-A56D-44F4-9E8F-35FE4F633276", "versionEndExcluding": "3.89.0", "versionStartIncluding": "3.0.0"}, {"criteria": "cpe:2.3:o:alpha-innotec:heat_pumps_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF001062-843A-48C0-BBB1-39EF0169FF04", "versionEndExcluding": "4.81.3", "versionStartIncluding": "4.0.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:alpha-innotec:heat_pumps:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D87D8C1B-B1F7-4FC4-B857-5BEEA2A8C74F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:novelan:heat_pumps_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DDDB466A-0CC1-4C7B-914A-BEC7A3AFA835", "versionEndExcluding": "2.88.3"}, {"criteria": "cpe:2.3:o:novelan:heat_pumps_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F60C4875-FB5D-41A8-8FCC-EEF050BDE9A3", "versionEndExcluding": "3.89.0", "versionStartIncluding": "3.0.0"}, {"criteria": "cpe:2.3:o:novelan:heat_pumps_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9DFEEE56-A799-4CCD-A33B-83A0177FCF71", "versionEndExcluding": "4.81.3", "versionStartIncluding": "4.0.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:novelan:heat_pumps:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "80BCEF4F-B08E-4776-94D9-EABA4F3BE412"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}