Active Debug Code Vulnerability Affects Multiple Products
CVE-2024-36475

8.8HIGH

Key Information:

Vendor

Century Systems Co., Ltd.

Status
Futurenet Nxr-1300 Series
Futurenet Nxr-650
Futurenet Nxr-610x Series
Futurenet Nxr-530
Vendor
CVE Published:
17 July 2024

What is CVE-2024-36475?

An active debug code vulnerability has been identified in Century Systems' FutureNet NXR, VXR, and WXR series products. This vulnerability arises when a user with knowledge of the debug function gains access to the product, potentially allowing the execution of arbitrary operating system commands. The implications of this vulnerability may lead to unauthorized manipulation of system processes, posing significant security risks to the integrity and confidentiality of affected systems. Users must take precautionary measures to secure their products and mitigate exposure to potential attacks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

FutureNet NXR-120/C firmware version 5.25.7H and earlier

FutureNet NXR-1200 firmware version 5.25.21 and earlier

FutureNet NXR-125/CX firmware version 5.25.7H and earlier

References

https://www.centurysys.co.jp/backnumber/nxr_common/202407...
https://www.centurysys.co.jp/backnumber/nxr_common/202407...
https://jvn.jp/en/vu/JVNVU96424864/

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.