Unauthorized Access to System Settings via Local Network
CVE-2024-3016

Currently unrated

Key Information:

Vendor: Nec Platforms, Ltd
Status: Itk-6dgs-1(bk) Tel; Itk-32lcgs-1(bk) Tel; Itk-32tcgs-1(bk) Tel; Itk-6d-1(bk)tel
Vendor: CVE Published:; 14 May 2024

🔔 Create Nec Platforms, Ltd Vulnerability Alert

What is CVE-2024-3016?

NEC Platforms DT900 and DT900S Series 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20 allows an attacker to access a non-documented the system settings to change settings via local network with unauthenticated user.

Affected Version(s)

ITK-12D-1(BK)TEL 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20

ITK-12D-1P(BK)TEL 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20

ITK-12DG-1P(BK)TEL 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20

References

https://jpn.nec.com/security-info/secinfo/nv24-002_en.html

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2024
Vulnerability Reserved
Mar 27, 2024

Credit

Mr. Gianluca Altomani and Mr. Manuel Romei.

CVE-2024-3016 Data

JSON