CVE-2024-6422

Missing Authentication for Critical Function (CWE-306)

Published: Jul 10, 2024 / Updated: 4mo ago

CVSS 9.8 / EPSS 0.04% / Critical

Summary

An unauthenticated remote attacker can manipulate the device via Telnet, stop processes, read, delete and change data. This vulnerability is related to Missing Authentication for Critical Function (CWE-306). The attack vector is through the network, requires low attack complexity, and no user interaction.

Impact

The impact of this vulnerability is severe. It allows an attacker to gain unauthorized access to critical functions of the affected device. The attacker can manipulate the device, stop processes, and read, delete, or change data, leading to a complete compromise of the system's confidentiality, integrity, and availability. With a CVSS v3.1 base score of 9.8 (Critical), this vulnerability poses a significant risk to the affected systems.

Exploitation

There is no evidence that a public proof-of-concept exists. There is no evidence of proof of exploitation at the moment.

Patch

As of the latest information provided, there is no mention of an available patch for this vulnerability.

Mitigation

Given the severity of this vulnerability, immediate action is recommended:

1. Disable Telnet access to the affected devices if possible.
2. Implement strong network segmentation to limit access to the vulnerable devices.
3. Use firewalls or access control lists to restrict network access to the affected devices, allowing only trusted IP addresses.
4. Monitor for any suspicious activities or unauthorized access attempts.
5. If feasible, consider using alternative, more secure remote access methods like SSH instead of Telnet.
6. Regularly check for and apply any security updates or patches as soon as they become available from the vendor.
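One way to check mitigation steps 3 and 4 against firewall flow logs, as an added example that is not part of the original advisory or any vendor tooling. The device addresses, trusted subnet and log layout are assumptions, and the sample records are constructed.

```python
import ipaddress

# Assumptions (hypothetical, not from the advisory): device addresses,
# trusted management subnet, and the five-field flow-record layout.
AFFECTED_DEVICES = {ipaddress.ip_address(a) for a in ("10.20.0.15", "10.20.0.16")}
TRUSTED_SOURCES = [ipaddress.ip_network("10.20.99.0/28")]
TELNET_PORT = 23

# Constructed sample records: time, src, dst, dst_port, firewall action
SAMPLE_FLOWS = """\
2024-07-11T09:00:01Z 10.20.99.4 10.20.0.15 23 allow
2024-07-11T09:02:17Z 10.30.7.81 10.20.0.15 23 allow
2024-07-11T09:02:40Z 10.30.7.81 10.20.0.16 23 deny
2024-07-11T09:05:12Z 10.30.7.81 10.20.0.15 443 allow
2024-07-11T09:07:55Z 10.20.99.4 10.20.0.16 22 allow
not a flow record
"""

def parse_flow(line):
    """Return (time, src, dst, port, action), or None for a malformed line."""
    parts = line.split()
    if len(parts) != 5:
        return None
    try:
        return (parts[0], ipaddress.ip_address(parts[1]),
                ipaddress.ip_address(parts[2]), int(parts[3]), parts[4])
    except ValueError:
        return None

def audit_telnet(flows_text):
    """Classify every Telnet flow aimed at an affected device."""
    findings = []
    for line in flows_text.splitlines():
        rec = parse_flow(line)
        if rec is None:
            continue  # skip lines that are not flow records
        when, src, dst, port, action = rec
        if dst not in AFFECTED_DEVICES or port != TELNET_PORT:
            continue
        trusted = any(src in net for net in TRUSTED_SOURCES)
        if trusted:
            kind = "telnet_in_use"   # steps 1 and 5 still pending
        elif action == "allow":
            kind = "acl_gap"         # step 3 not enforced for this source
        else:
            kind = "blocked_attempt" # ACL held; alert under step 4
        findings.append((kind, when, str(src), str(dst)))
    return findings
```

An `acl_gap` finding means an untrusted source reached the unauthenticated Telnet service and should be treated as a potential compromise of that device, not only as a rule to fix.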

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Timeline

CVE Assignment (Jul 10, 2024 at 8:15 AM): NVD published the first details for CVE-2024-6422.

First Article (Jul 10, 2024 at 8:19 AM, Vulners.com RSS Feed): Feedly found the first article mentioning CVE-2024-6422.

CVSS Estimate (Jul 10, 2024 at 8:33 AM): Feedly estimated the CVSS score as HIGH.

EPSS (Jul 10, 2024 at 10:14 AM): EPSS Score was set to 0.04% (Percentile: 9.2%).

Trending (Jul 10, 2024 at 1:02 PM): This CVE started to trend in security discussions.

Trending (Jul 11, 2024 at 10:53 AM): This CVE stopped trending in security discussions.

Affected Systems

Pepperl-fuchs/oit700-f113-b12-cb_firmware

Attack Patterns

CAPEC-12: Choosing Message Identifier

News

cveNotify: 🚨 CVE-2024-6422 An unauthenticated remote attacker can manipulate the device via Telnet, stop processes, read, delete and change data. 🎖@cveNotify
Pepperl+Fuchs: Anonymous FTP server and Telnet access allows information disclosure and manipulation
The impact of the vulnerabilities on the affected device may result in Pepperl+Fuchs analyzed and identified affected devices.
@RISK: The Consensus Security Vulnerability Alert: Vol. 24, Num. 28 - SANS Institute
Product: Automattic Newspack Blocks CVSS Score: 9.9 NVD: NVD References: CVE-2024-39872 - SINEMA Remote Connect Server (All versions < V3.2 SP1) allows authenticated attackers with the 'Manage firmware updates' role to escalate privileges via improper assignment of rights to temporary files. Product: WordPress Gutenberg Forms plugin CVSS Score: 9.8 NVD: NVD References: - - - CVE-2024-6314 - The IQ Testimonials plugin for WordPress allows unauthenticated attackers to upload arbitrary files and potentially execute remote code due to insufficient file validation, in versions up to 2.2.7, only if the 'gd' PHP extension is not loaded.
Pepperl+Fuchs Industrial Devices Exposed to Critical Vulnerabilities
These vulnerabilities, identified as CVE-2024-6422 and CVE-2024-6421, pose significant risks, including information disclosure

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability Impact: High
