Lucene search

[email protected]NVD:CVE-2024-5559

HistoryJun 12, 2024 - 6:15 p.m.

CVE-2024-5559

2024-06-1218:15:12

CWE-327

[email protected]

web.nvd.nist.gov

cryptographic algorithm

dos

device reboot

attacker gaining control

crafted reset token

6.1 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

0.0004 Low

EPSS

Percentile

9.1%

JSON

CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists that could
cause denial of service, device reboot, or an attacker gaining full control of the relay when a
specially crafted reset token is entered into the front panel of the device.

References

download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-163-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-163-02.pdf

6.1 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for NVD:CVE-2024-5559

cve1 cvelist1