Today > vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-49396

Oct. 18, 2024, 12:52 p.m.

Tags

ics-cert@hq.dhs.gov
CWE-522
2024-10-17
CVE-2024-49396

Product(s) Impacted

Elvaco

Description

The affected product is vulnerable due to insufficiently protected credentials, which may allow an attacker to impersonate Elvaco and send false information.

Weaknesses

CWE-522
Insufficiently Protected Credentials

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

CWE ID: 522

Date

Published: Oct. 17, 2024, 5:15 p.m.

Last Modified: Oct. 18, 2024, 12:52 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

ics-cert@hq.dhs.gov

References

https://www.cisa.gov/ ics-cert@hq.dhs.gov