CVE-2024-2617

A vulnerability exists in the RTU500 that allows for authenticated and authorized users to bypass secure update. If a malicious actor successfully exploits this vulnerability, they could use it to update the RTU500 with unsigned firmware.
Configurations

No configuration.

History

03 Jul 2024, 01:53

Type Values Removed Values Added
CWE CWE-358
Summary
  • (es) Existe una vulnerabilidad en el RTU500 que permite a los usuarios autenticados y autorizados omitir la actualización segura. Si un actor malintencionado aprovecha con éxito esta vulnerabilidad, podría usarla para actualizar el RTU500 con firmware sin firmar.

30 Apr 2024, 13:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-04-30 13:15

Updated : 2024-07-03 01:53


NVD link : CVE-2024-2617

Mitre link : CVE-2024-2617

CVE.ORG link : CVE-2024-2617


JSON object : View

Products Affected

No product.

CWE
CWE-358

Improperly Implemented Security Check for Standard