CVE-2024-5056
Severity Score
6.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Attend
*SSVC
Descriptions
CWE-552: Files or Directories Accessible to External Parties vulnerability exists which may
prevent user to update the device firmware and prevent proper behavior of the webserver when
specific files or directories are removed from the filesystem.
CWE-552: Existe una vulnerabilidad de archivos o directorios accesibles a terceros que puede impedir que el usuario actualice el firmware del dispositivo e impedir el comportamiento adecuado del servidor web cuando se eliminan archivos o directorios específicos del sistema de archivos.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Attend
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2024-05-17 CVE Reserved
- 2024-06-12 CVE Published
- 2024-08-01 CVE Updated
- 2024-08-24 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-552: Files or Directories Accessible to External Parties
CAPEC
References (1)
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Schneider Electric Search vendor "Schneider Electric" | Modicon M340 Search vendor "Schneider Electric" for product "Modicon M340" | <= Search vendor "Schneider Electric" for product "Modicon M340" and version " <= " | en |
Affected
| ||||||
| Schneider Electric Search vendor "Schneider Electric" | Network Module, Modicon M340, Modbus/TCP BMXNOE0100 Search vendor "Schneider Electric" for product "Network Module, Modicon M340, Modbus/TCP BMXNOE0100" | <= Search vendor "Schneider Electric" for product "Network Module, Modicon M340, Modbus/TCP BMXNOE0100" and version " <= " | en |
Affected
| ||||||
| Schneider Electric Search vendor "Schneider Electric" | Network Module, Modicon M340, Ethernet TCP/IP BMXNOE0110 Search vendor "Schneider Electric" for product "Network Module, Modicon M340, Ethernet TCP/IP BMXNOE0110" | <= Search vendor "Schneider Electric" for product "Network Module, Modicon M340, Ethernet TCP/IP BMXNOE0110" and version " <= " | en |
Affected
| ||||||