Arbitrary File Overwrite Leads to DoS and Data Loss
CVE-2024-41971

8.1HIGH

Key Information:

Vendor: Wago
Status: Cc100 0751-9x01; Pfc100 G2 0750-811x-xxxx-xxxx; Pfc200 G2 750-821x-xxx-xxx; Tp600 0762-420x/8000-000x
Vendor: CVE Published:; 18 November 2024

What is CVE-2024-41971?

A vulnerability exists that permits a low privileged remote attacker to overwrite arbitrary files on the filesystem of the affected product. This exploitation can lead to significant disruptions, including Denial of Service (DoS) and potential data loss. Organizations utilizing the affected products should prioritize patching and implementing appropriate security measures to mitigate this risk.

Affected Version(s)

CC100 0751-9x01 0.0.0 <= 4.5.10 (FW27)

CC100 0751/9x01 0.0.0 <= 04.03.03 (72)

CC100 0751/9x01 0.0.0 <= 04.04.03 (70)

References

https://cert.vde.com/en/advisories/VDE-2024-047

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 18, 2024

Credit

Diego Giubertoni

Nozomi Networks

Wago

What is CVE-2024-41971?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit