CVSS: 9.0EPSS: 0%CPEs: 16EXPL: 0CVE-2024-41969 – WAGO: CODESYS V3 Configuration Authentication Bypass in Multiple Devices
https://notcve.org/view.php?id=CVE-2024-41969
18 Nov 2024 — A low privileged remote attacker may modify the configuration of the CODESYS V3 service through a missing authentication vulnerability which could lead to full system access and/or DoS. A low privileged remote attacker may modify the configuration of the CODESYS V3 service through a missing authentication vulnerability which could lead to full system access and/or DoS. • https://cert.vde.com/en/advisories/VDE-2024-047 • CWE-306: Missing Authentication for Critical Function •
CVSS: 8.5EPSS: 0%CPEs: 16EXPL: 0CVE-2024-41967 – WAGO: Boot Mode Manipulation in Multiple Devices
https://notcve.org/view.php?id=CVE-2024-41967
18 Nov 2024 — A low privileged remote attacker may modify the boot mode configuration setup of the device, leading to modification of the firmware upgrade process or a denial-of-service attack. A low privileged remote attacker may modify the boot mode configuration setup of the device, leading to modification of the firmware upgrade process or a denial-of-service attack. • https://cert.vde.com/en/advisories/VDE-2024-047 • CWE-306: Missing Authentication for Critical Function •
CVSS: 6.5EPSS: 0%CPEs: 16EXPL: 0CVE-2024-41968 – WAGO: Docker Settings Manipulation in Multiple Devices
https://notcve.org/view.php?id=CVE-2024-41968
18 Nov 2024 — A low privileged remote attacker may modify the docker settings setup of the device, leading to a limited DoS. • https://cert.vde.com/en/advisories/VDE-2024-047 • CWE-306: Missing Authentication for Critical Function •