Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2024/11/28 12:0 a.m.6 views

Schneider Electric Modicon M340, MC80, and Momentum Unity M1E Authentication Bypass By Spoofing (CVE-2024-8935)

A vulnerability exists that could cause a denial of service and loss of confidentiality and integrity of controllers when conducting a Man-In-The-Middle attack between the controller and the engineering workstation while a valid user is establishing a communication session. This vulnerability is...

7.7CVSS5.5AI score0.00483EPSS
Exploits0References3
Circl
Circl
added 2024/11/13 7:28 a.m.6 views

CVE-2024-8935

creationtimestamp| type| source ---|---|--- 2024-11-13 07:28:17+00:00| seen| https://t.me/cvedetector/10802 2024-11-21 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-24-326-03 2026-04-14 13:10:17+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mjhhczv3a...

7.7CVSS4.8AI score0.00483EPSS
Exploits0References3
NVD
NVD
added 2024/11/13 5:15 a.m.11 views

CVE-2024-8935

CWE-290: Authentication Bypass by Spoofing vulnerability exists that could cause a denial of service and loss of confidentiality and integrity of controllers when conducting a Man-In-The-Middle attack between the controller and the engineering workstation while a valid user is establishing a...

7.7CVSS0.00483EPSS
Exploits0References1
CVE
CVE
added 2024/11/13 4:10 a.m.948 views

CVE-2024-8935

CVE-2024-8935 affects Schneider Electric Modicon M340, MC80, and Momentum Unity M1E. The issue is an Authentication Bypass by Spoofing enabling a Man-In-The-Middle attack during a controller–engineering workstation session, due to DH-based vulnerability that does not protect against MITM. Consequ...

7.7CVSS7AI score0.00483EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/13 4:10 a.m.8 views

CVE-2024-8935

CWE-290: Authentication Bypass by Spoofing vulnerability exists that could cause a denial of service and loss of confidentiality and integrity of controllers when conducting a Man-In-The-Middle attack between the controller and the engineering workstation while a valid user is establishing a...

7.7CVSS6.8AI score0.00483EPSS
Exploits0References1
Rows per page
Query Builder