EUVD-2024-31238

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Vulnerability in Mendix Applications allows role escalation due to access rights management issue.

Reporter	Title	Published	Views	Family All 10
BDU FSTEC	The vulnerability of the Mendix software platform for deploying and testing software applications is related to deficiencies in access control, allowing attackers to enhance their privileges.	5 Jul 202400:00	–	bdu_fstec
CNNVD	Siemens Mendix 安全漏洞	11 Jun 202400:00	–	cnnvd
CNVD	Siemens Mendix Rights Management Error Vulnerability	12 Jun 202400:00	–	cnvd
CVE	CVE-2024-33500	11 Jun 202411:15	–	cve
Cvelist	CVE-2024-33500	11 Jun 202411:15	–	cvelist
ICS	Siemens Mendix Applications	11 Jun 202400:00	–	ics
NCSC	Vulnerabilities fixed in Siemens products	11 Jun 202413:29	–	ncsc
NVD	CVE-2024-33500	11 Jun 202412:15	–	nvd
RedhatCVE	CVE-2024-33500	23 May 202508:51	–	redhatcve
Vulnrichment	CVE-2024-33500	11 Jun 202411:15	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "6749021c-468f-3296-8ba9-815a7eee9993",
        "vendor": {
          "name": "Siemens"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "1952bf33-13b1-3e81-85c6-27ab9524d4dd",
        "product": {
          "name": "Mendix Applications using Mendix 10"
        },
        "product_version": "0 <V10.11.0"
      },
      {
        "id": "409a4597-6ed8-3d8e-8ceb-a3b7191edbbe",
        "product": {
          "name": "Mendix Applications using Mendix 10 (V10.6)"
        },
        "product_version": "0 <V10.6.9"
      },
      {
        "id": "50e5a3b1-eded-3f8c-aaf3-603b0ddb2ada",
        "product": {
          "name": "Mendix Applications using Mendix 9"
        },
        "product_version": "V9.3.0 <V9.24.22"
      }
    ]
  }
]

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/html/ssa-540640.html

03 Oct 2025 20:07Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.15.9

CVSS 47.4

EPSS0.00298

SSVC