Arbitrary File Overwrite Leads to DoS and Data Loss
CVE-2024-41971

8.1HIGH

Key Information:

Vendor
Wago
Status
Cc100 0751-9x01
Pfc100 G2 0750-811x-xxxx-xxxx
Pfc200 G2 750-821x-xxx-xxx
Tp600 0762-420x/8000-000x
Vendor
CVE Published:
18 November 2024

Summary

A vulnerability exists that permits a low privileged remote attacker to overwrite arbitrary files on the filesystem of the affected product. This exploitation can lead to significant disruptions, including Denial of Service (DoS) and potential data loss. Organizations utilizing the affected products should prioritize patching and implementing appropriate security measures to mitigate this risk.

Affected Version(s)

CC100 0751-9x01 0.0.0 <= 4.5.10 (FW27)

CC100 0751/9x01 0.0.0 <= 04.03.03 (72)

CC100 0751/9x01 0.0.0 <= 04.04.03 (70)

References

https://cert.vde.com/en/advisories/VDE-2024-047

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

Credit

Diego Giubertoni
Nozomi Networks
.
CVE-2024-41971 : Arbitrary File Overwrite Leads to DoS and Data Loss | SecurityVulnerability.io