ГлавнаяУязвимости → CVE-2024-47904
7.8высокая

CVE-2024-47904

Описание

A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2.12), InterMesh 7707 Fire Subscriber (All versions < V7.2.12 only if the IP interface is enabled (which is not the default configuration)). The affected devices contain a SUID binary that could allow an authenticated local attacker to execute arbitrary commands with root privileges.

Затрагиваемое ПО
Siemens Intermesh 7177 hybrid 2.0 subscriberSiemens Intermesh 7707 fire subscriber firmwareSiemens Intermesh 7707 fire subscriber
CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://cert-portal.siemens.com/productcert/html/ssa-333468.html