Lucene search
CERTVDEVULNRICHMENT:CVE-2024-6422HistoryJul 10, 2024 - 7:37 a.m.
CVE-2024-6422 Pepperl+Fuchs: OIT Products can be manipulated via unintended Telnet access
2024-07-1007:37:03
CWE-306
CERTVDE
github.com
2
cve-2024-6422
pepperl+fuchs
telnet access
unauthenticated remote attacker
data manipulation
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.4
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
An unauthenticated remote attacker can manipulate the device via Telnet, stop processes, read, delete and change data.
CNA Affected
[
{
"vendor": "Pepperl+Fuchs",
"product": "OIT1500-F113-B12-CB",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "semver",
"lessThanOrEqual": "V2.11.0"
}
],
"defaultStatus": "unaffected"
},
{
"vendor": "Pepperl+Fuchs",
"product": "OIT200-F113-B12-CB",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "semver",
"lessThanOrEqual": "V2.11.0"
}
],
"defaultStatus": "unaffected"
},
{
"vendor": "Pepperl+Fuchs",
"product": "OIT500-F113-B12-CB",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "semver",
"lessThanOrEqual": "V2.11.0"
}
],
"defaultStatus": "unaffected"
},
{
"vendor": "Pepperl+Fuchs",
"product": "OIT700-F113-B12-CB",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "semver",
"lessThanOrEqual": "V2.11.0"
}
],
"defaultStatus": "unaffected"
}
]References
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.4
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2024-6422