Remote Information Disclosure Flaw in Fermax VIDA Products by Fermax Asia Pacific Pte Ltd
CVE-2024-48774

7.5HIGH

Key Information:

Vendor: Fermax Asia Pacific Pte Ltd
Status: Fermax VIDA
Vendor: CVE Published:; 11 October 2024

🔔 Create Fermax Asia Pacific Pte Ltd Vulnerability Alert

What is CVE-2024-48774?

A vulnerability in Fermax VIDA version 2.4.6 allows remote attackers to exploit the firmware update process to gain access to sensitive information. This issue poses a significant risk as attackers could utilize this access to gather confidential data, potentially leading to further exploitation or unauthorized control over devices. Organizations using Fermax VIDA should evaluate their security practices and consider updating to mitigate this vulnerability.

References

http://comfermaxvida.com

http://fermax.com

https://github.com/HankJames/Vul-Reports/blob/main/Firmwa...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 11, 2024
Vulnerability Reserved
Oct 8, 2024

CVE-2024-48774 Data

JSON