Lucene search

CVE-2024-31410

🗓️ 15 May 2024 20:11:15Reported by icscertType

CyberPower PowerPanel devices use identical hard-coded cryptographic certificates, allowing attackers to impersonate clients and send malicious data

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 4
Cvelist	CVE-2024-31410 CyberPower PowerPanel business Use of Hard-coded Cryptographic Key	15 May 202419:56	–	cvelist
Vulnrichment	CVE-2024-31410 CyberPower PowerPanel business Use of Hard-coded Cryptographic Key	15 May 202419:56	–	vulnrichment
NVD	CVE-2024-31410	15 May 202420:15	–	nvd
ICS	CyberPower PowerPanel Business	2 May 202406:00	–	ics

[
  {
    "defaultStatus": "unaffected",
    "product": "PowerPanel business",
    "vendor": "CyberPower",
    "versions": [
      {
        "lessThan": "4.9.0",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
cyberpower	www.cyberpower.com/global/en/product/sku/powerpanel_business_for_windows
cisa	www.cisa.gov/news-events/ics-advisories/icsa-24-123-01

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

15 May 2024 20:15Current

6.8Medium risk

Vulners AI Score6.8

CVSS37.7

EPSS0.00061

SSVC

CWE-321