Today > 13 Critical | 36 High | 32 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-8256

Dec. 10, 2024, 9:15 a.m.

Tags

CWE-732
2024-12-10
CVE-2024-8256
001d69cf-3fc9-4203-93fb-9865b54e05b2

Product(s) Impacted

Teltonika Networks RUTOS

  • 7.0 - 7.7
  • TSWOS devices running on versions 1.0 - 1.2

Description

In Teltonika Networks RUTOS devices, running on versions 7.0 to 7.8 (excluding) and TSWOS devices running on versions 1.0 to 1.3 (excluding), due to incorrect permission handling a vulnerability exists which allows a lower privileged user with default permissions to access critical device resources via the API.

Weaknesses

CWE-732
Incorrect Permission Assignment for Critical Resource

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

CWE ID: 732

Date

Published: Dec. 10, 2024, 9:15 a.m.

Last Modified: Dec. 10, 2024, 9:15 a.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

001d69cf-3fc9-4203-93fb-9865b54e05b2

References

https://www.deepcove.support/ 001d69cf-3fc9-4203-93fb-9865b54e05b2