Lucene search

[email protected]NVD:CVE-2024-22807

HistoryApr 22, 2024 - 12:15 p.m.

CVE-2024-22807

2024-04-2212:15:07

CWE-284

[email protected]

web.nvd.nist.gov

tormach xstech

cnc router

pathpilot controller

flash memory

vulnerability

firmware corruption

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.6

Confidence

Low

EPSS

Percentile

9.0%

JSON

An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to erase a critical sector of the flash memory, causing the machine to lose network connectivity and suffer from firmware corruption.

References

gist.github.com/VcuCyber/51075894d1728db07fc2df286c003df9

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.6

Confidence

Low

EPSS

Percentile

9.0%

JSON

Related for NVD:CVE-2024-22807

cvelist1 cve1 vulnrichment1