Lucene search
JpcertCVE-2024-41720HistoryAug 05, 2024 - 5:15 a.m.
CVE-2024-41720
2024-08-0505:15:39
CWE-732
jpcert
web.nvd.nist.gov
4
cve-2024-41720
permission assignment
zwx-2000csw2-hn firmware
network-adjacent attacker
CVSS3
8
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
6.8
Confidence
Low
EPSS
0
Percentile
9.4%
Incorrect permission assignment for critical resource issue exists in ZWX-2000CSW2-HN firmware versions prior to Ver.0.3.15, which may allow a network-adjacent authenticated attacker to alter the configuration of the device.
Affected configurations
Node
zexelonzwx-2000csw2-hn_firmwareRange<0.3.15
zexelonzwx-2000csw2-hn
| Vendor | Product | Version | CPE |
|---|---|---|---|
| zexelon | zwx-2000csw2-hn_firmware | * | cpe:2.3:o:zexelon:zwx-2000csw2-hn_firmware:*:*:*:*:*:*:*:* |
| zexelon | zwx-2000csw2-hn | * | cpe:2.3:h:zexelon:zwx-2000csw2-hn:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "ZEXELON CO., LTD.",
"product": "ZWX-2000CSW2-HN",
"versions": [
{
"version": "firmware versions prior to Ver.0.3.15",
"status": "affected"
}
]
}
]Related
nvd
nvd
CVE-2024-41720
2024-08-05 05:15:39
cvelist
cvelist
CVE-2024-41720
2024-08-05 04:36:17
vulnrichment
vulnrichment
CVE-2024-41720
2024-08-05 04:36:17
jvn
jvn
JVN#70666401: Multiple vulnerabilities in ZEXELON ZWX-2000CSW2-HN
2024-08-05 00:00:00
CVSS3
8
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
6.8
Confidence
Low
EPSS
0
Percentile
9.4%
Related for CVE-2024-41720