CVE-2024-2422

May 30, 2024, 6:18 p.m.

None
No Score

Description

LenelS2 NetBox access control and event monitoring system was discovered to contain an authenticated RCE in versions prior to and including 5.6.1, which allows an attacker to execute malicious commands.

Product(s) Impacted

Product Versions
LenelS2 NetBox access control and event monitoring system
  • before 5.6.2

Weaknesses

References

https://www.cisa.gov/news-events/ics-advisories/icsa-24-151-01
https://www.corporate.carrier.com/Images/CARR-PSA-2024-01-NetBox_tcm558-227956.pdf

Tags

CWE-88
2024-05-30
productsecurity@carrier.com
CVE-2024-2422

Date

  • Published: May 30, 2024, 6:15 p.m.
  • Last Modified: May 30, 2024, 6:18 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

productsecurity@carrier.com

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.