CVE-2024-39373

June 27, 2024, 5:11 p.m.

Tags

ics-cert@hq.dhs.gov
CWE-77
2024-06-27
CVE-2024-39373

Product(s) Impacted

TELSAT marKoni FM Transmitters

Description

TELSAT marKoni FM Transmitters are vulnerable to a command injection vulnerability through the manipulation of settings and could allow an attacker to gain unauthorized access to the system with administrative privileges.

Weaknesses

CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')

The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

CWE ID: 77

Date

Published: June 27, 2024, 4:15 p.m.

Last Modified: June 27, 2024, 5:11 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

ics-cert@hq.dhs.gov

References

https://www.cisa.gov/news-events/ics-advisories/icsa-24-179-01
ics-cert@hq.dhs.gov