Authentication Bypass in MSA FieldServer Gateway by MSA Safety
CVE-2024-45493

Currently unrated

Key Information:

Vendor: MSA Safety
Status: FieldServer Gateway
Vendor: CVE Published:; 10 December 2024

What is CVE-2024-45493?

A vulnerability in the MSA FieldServer Gateway allows attackers to bypass authentication restrictions intended for internal users. While access is meant to be restricted to local logins, an attacker could potentially authenticate using an internal user account from the network if they possess the correct password. This can lead to unauthorized access, posing a significant security risk.

References

https://us.msasafety.com/fieldserver

https://us.msasafety.com/security-notices:

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 10, 2024