← Zuruck zu CVEs
CVE-2024-32754
LOW3.1
Beschreibung
Under certain circumstances, when the controller is in factory reset mode waiting for initial setup, it will broadcast its MAC address, serial number, and firmware version. Once configured, the controller will no longer broadcast this information.
CVE Details
CVSS v3.1 Bewertung3.1
SchweregradLOW
CVSS VektorCVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
AngriffsvektorADJACENT_NETWORK
KomplexitatHIGH
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht7/4/2024
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Schwachen (CWE)
CWE-200
Referenzen
https://www.cisa.gov/news-events/ics-advisories/icsa-24-184-01(productsecurity@jci.com)
https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories(productsecurity@jci.com)
https://www.cisa.gov/news-events/ics-advisories/icsa-24-184-01(af854a3a-2127-422b-91ae-364da2661108)
https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.