cvelistv5 - cve-2024-10334

CVE-2024-10334 (GCVE-0-2024-10334)

Vulnerability from cvelistv5 – Published: 2025-02-10 15:02 – Updated: 2025-02-12 15:44

Summary

A vulnerability exists in the VideONet product included in the listed System 800xA versions, where VideONet is used. An attacker who successfully exploited the vulnerability could, in the worst case scenario, stop or manipulate the video feed. This issue affects System 800xA: 5.1.X; System 800xA: 6.0.3.X; System 800xA: 6.1.1.X; System 800xA: 6.2.X.

Severity ?

7 (High)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/V:D/RE:M

7.3 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H

CWE

CWE-256 - Plaintext Storage of a Password

Assigner

ABB

References

URL

Tags

https://search.abb.com/library/Download.aspx?Docu…

Impacted products

	Vendor	Product	Version
	ABB	System 800xA	Affected: 5.1.x (custom) Affected: 6.0.3.x (custom) Affected: 6.1.1.x (custom) Affected: 6.2.x (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-10334",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-10T15:32:43.860502Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T15:44:32.063Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "System 800xA",
          "vendor": "ABB",
          "versions": [
            {
              "status": "affected",
              "version": "5.1.x",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "6.0.3.x",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "6.1.1.x",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "6.2.x",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2025-02-10T05:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A vulnerability exists in the VideONet product included in the listed System 800xA versions, where VideONet is used.\u0026nbsp;\n\nAn attacker who successfully exploited the vulnerability could, in the worst case scenario, stop or manipulate the video feed.\u003cbr\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eThis issue affects System 800xA: 5.1.X; System 800xA: 6.0.3.X; System 800xA: 6.1.1.X; System 800xA: 6.2.X.\u003c/span\u003e"
            }
          ],
          "value": "A vulnerability exists in the VideONet product included in the listed System 800xA versions, where VideONet is used.\u00a0\n\nAn attacker who successfully exploited the vulnerability could, in the worst case scenario, stop or manipulate the video feed.\nThis issue affects System 800xA: 5.1.X; System 800xA: 6.0.3.X; System 800xA: 6.1.1.X; System 800xA: 6.2.X."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "NEGLIGIBLE",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "DIFFUSE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/V:D/RE:M",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "LOW",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-256",
              "description": "CWE-256: Plaintext Storage of a Password",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-10T15:02:58.369Z",
        "orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
        "shortName": "ABB"
      },
      "references": [
        {
          "url": "https://search.abb.com/library/Download.aspx?DocumentID=7PAA012159\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Camera passwords stored in clear text",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
    "assignerShortName": "ABB",
    "cveId": "CVE-2024-10334",
    "datePublished": "2025-02-10T15:02:58.369Z",
    "dateReserved": "2024-10-24T08:42:37.599Z",
    "dateUpdated": "2025-02-12T15:44:32.063Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-10334\",\"sourceIdentifier\":\"cybersecurity@ch.abb.com\",\"published\":\"2025-02-10T15:15:12.010\",\"lastModified\":\"2025-02-10T15:15:12.010\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability exists in the VideONet product included in the listed System 800xA versions, where VideONet is used.\u00a0\\n\\nAn attacker who successfully exploited the vulnerability could, in the worst case scenario, stop or manipulate the video feed.\\nThis issue affects System 800xA: 5.1.X; System 800xA: 6.0.3.X; System 800xA: 6.1.1.X; System 800xA: 6.2.X.\"},{\"lang\":\"es\",\"value\":\"Existe una vulnerabilidad en el producto VideONet incluido en las versiones System 800xA mencionadas, donde se utiliza VideONet. Un atacante que aproveche con \u00e9xito la vulnerabilidad podr\u00eda, en el peor de los casos, detener o manipular la transmisi\u00f3n de video. Este problema afecta a System 800xA: 5.1.X; System 800xA: 6.0.3.X; System 800xA: 6.1.1.X; System 800xA: 6.2.X.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"cybersecurity@ch.abb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:M/U:X\",\"baseScore\":7.0,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"LOW\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NEGLIGIBLE\",\"Automatable\":\"NO\",\"Recovery\":\"USER\",\"valueDensity\":\"DIFFUSE\",\"vulnerabilityResponseEffort\":\"MODERATE\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"cybersecurity@ch.abb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.5}]},\"weaknesses\":[{\"source\":\"cybersecurity@ch.abb.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-256\"}]}],\"references\":[{\"url\":\"https://search.abb.com/library/Download.aspx?DocumentID=7PAA012159\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\",\"source\":\"cybersecurity@ch.abb.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-10334\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-10T15:32:43.860502Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-12T15:44:28.562Z\"}}], \"cna\": {\"title\": \"Camera passwords stored in clear text\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NEGLIGIBLE\", \"version\": \"4.0\", \"Recovery\": \"USER\", \"baseScore\": 7, \"Automatable\": \"NO\", \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"valueDensity\": \"DIFFUSE\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/V:D/RE:M\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"LOW\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"LOW\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"MODERATE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.3, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"ABB\", \"product\": \"System 800xA\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.1.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"6.0.3.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"6.1.1.x\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"6.2.x\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2025-02-10T05:00:00.000Z\", \"references\": [{\"url\": \"https://search.abb.com/library/Download.aspx?DocumentID=7PAA012159\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability exists in the VideONet product included in the listed System 800xA versions, where VideONet is used.\\u00a0\\n\\nAn attacker who successfully exploited the vulnerability could, in the worst case scenario, stop or manipulate the video feed.\\nThis issue affects System 800xA: 5.1.X; System 800xA: 6.0.3.X; System 800xA: 6.1.1.X; System 800xA: 6.2.X.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"A vulnerability exists in the VideONet product included in the listed System 800xA versions, where VideONet is used.\u0026nbsp;\\n\\nAn attacker who successfully exploited the vulnerability could, in the worst case scenario, stop or manipulate the video feed.\u003cbr\u003e\u003cspan style=\\\"background-color: var(--wht);\\\"\u003eThis issue affects System 800xA: 5.1.X; System 800xA: 6.0.3.X; System 800xA: 6.1.1.X; System 800xA: 6.2.X.\u003c/span\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-256\", \"description\": \"CWE-256: Plaintext Storage of a Password\"}]}], \"providerMetadata\": {\"orgId\": \"2b718523-d88f-4f37-9bbd-300c20644bf9\", \"shortName\": \"ABB\", \"dateUpdated\": \"2025-02-10T15:02:58.369Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-10334\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-12T15:44:32.063Z\", \"dateReserved\": \"2024-10-24T08:42:37.599Z\", \"assignerOrgId\": \"2b718523-d88f-4f37-9bbd-300c20644bf9\", \"datePublished\": \"2025-02-10T15:02:58.369Z\", \"assignerShortName\": \"ABB\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GHSA-7348-RMW4-RHVW

Vulnerability from github – Published: 2025-02-10 15:32 – Updated: 2025-02-10 15:32

Details

A vulnerability exists in the VideONet product included in the listed System 800xA versions, where VideONet is used.

An attacker who successfully exploited the vulnerability could, in the worst case scenario, stop or manipulate the video feed. This issue affects System 800xA: 5.1.X; System 800xA: 6.0.3.X; System 800xA: 6.1.1.X; System 800xA: 6.2.X.

Severity ?

7.3 (High)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H

7.0 (High)


                  
                    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/V:D/RE:M

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-10334"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-256"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-10T15:15:12Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability exists in the VideONet product included in the listed System 800xA versions, where VideONet is used.\u00a0\n\nAn attacker who successfully exploited the vulnerability could, in the worst case scenario, stop or manipulate the video feed.\nThis issue affects System 800xA: 5.1.X; System 800xA: 6.0.3.X; System 800xA: 6.1.1.X; System 800xA: 6.2.X.",
  "id": "GHSA-7348-rmw4-rhvw",
  "modified": "2025-02-10T15:32:22Z",
  "published": "2025-02-10T15:32:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10334"
    },
    {
      "type": "WEB",
      "url": "https://search.abb.com/library/Download.aspx?DocumentID=7PAA012159\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:M/U:X",
      "type": "CVSS_V4"
    }
  ]
}

FKIE_CVE-2024-10334

Vulnerability from fkie_nvd - Published: 2025-02-10 15:15 - Updated: 2025-02-10 15:15

Severity ?

7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H

Summary

References

	URL	Tags
	cybersecurity@ch.abb.com	https://search.abb.com/library/Download.aspx?DocumentID=7PAA012159&LanguageCode=en&DocumentPartId=&Action=Launch

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability exists in the VideONet product included in the listed System 800xA versions, where VideONet is used.\u00a0\n\nAn attacker who successfully exploited the vulnerability could, in the worst case scenario, stop or manipulate the video feed.\nThis issue affects System 800xA: 5.1.X; System 800xA: 6.0.3.X; System 800xA: 6.1.1.X; System 800xA: 6.2.X."
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad en el producto VideONet incluido en las versiones System 800xA mencionadas, donde se utiliza VideONet. Un atacante que aproveche con \u00e9xito la vulnerabilidad podr\u00eda, en el peor de los casos, detener o manipular la transmisi\u00f3n de video. Este problema afecta a System 800xA: 5.1.X; System 800xA: 6.0.3.X; System 800xA: 6.1.1.X; System 800xA: 6.2.X."
    }
  ],
  "id": "CVE-2024-10334",
  "lastModified": "2025-02-10T15:15:12.010",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.3,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.5,
        "source": "cybersecurity@ch.abb.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NO",
          "Recovery": "USER",
          "Safety": "NEGLIGIBLE",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "LOCAL",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 7.0,
          "baseSeverity": "HIGH",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "LOW",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "DIFFUSE",
          "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:M/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "LOW",
          "vulnerabilityResponseEffort": "MODERATE"
        },
        "source": "cybersecurity@ch.abb.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-02-10T15:15:12.010",
  "references": [
    {
      "source": "cybersecurity@ch.abb.com",
      "url": "https://search.abb.com/library/Download.aspx?DocumentID=7PAA012159\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
    }
  ],
  "sourceIdentifier": "cybersecurity@ch.abb.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-256"
        }
      ],
      "source": "cybersecurity@ch.abb.com",
      "type": "Primary"
    }
  ]
}

WID-SEC-W-2025-0306

Vulnerability from csaf_certbund - Published: 2025-02-10 23:00 - Updated: 2025-02-10 23:00

Summary

ABB 800xA: Schwachstelle ermöglicht Manipulation

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

800xA ist ein Prozessleitsystem des Herstellers ABB zur Automatisierung verfahrenstechnischer Prozesse.

Angriff

Ein lokaler Angreifer kann eine Schwachstelle in ABB 800xA ausnutzen, um Daten zu manipulieren.

Betroffene Betriebssysteme

- Sonstiges - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "800xA ist ein Prozessleitsystem des Herstellers ABB zur Automatisierung verfahrenstechnischer Prozesse.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann eine Schwachstelle in ABB 800xA ausnutzen, um Daten zu manipulieren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-0306 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0306.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-0306 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0306"
      },
      {
        "category": "external",
        "summary": "ABB Security Advisory vom 2025-02-10",
        "url": "https://search.abb.com/library/Download.aspx?DocumentID=7PAA012159\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
      }
    ],
    "source_lang": "en-US",
    "title": "ABB 800xA: Schwachstelle erm\u00f6glicht Manipulation",
    "tracking": {
      "current_release_date": "2025-02-10T23:00:00.000+00:00",
      "generator": {
        "date": "2025-02-11T10:06:05.821+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.10"
        }
      },
      "id": "WID-SEC-W-2025-0306",
      "initial_release_date": "2025-02-10T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-02-10T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "5.1.x",
                "product": {
                  "name": "ABB 800xA 5.1.x",
                  "product_id": "T040978",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:abb:800xa:5.1.x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "6.0.3.x",
                "product": {
                  "name": "ABB 800xA 6.0.3.x",
                  "product_id": "T040979",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:abb:800xa:6.0.3.x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "6.1.1.x",
                "product": {
                  "name": "ABB 800xA 6.1.1.x",
                  "product_id": "T040980",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:abb:800xa:6.1.1.x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "6.2.x",
                "product": {
                  "name": "ABB 800xA 6.2.x",
                  "product_id": "T040981",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:abb:800xa:6.2.x"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "800xA"
          }
        ],
        "category": "vendor",
        "name": "ABB"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-10334",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in ABB 800xA. Sie besteht aufgrund der Speicherung von Kamerapassw\u00f6rtern im Klartext im VideONet-Produkt. Ein lokaler Angreifer kann dies ausnutzen, um den Videofeed zu manipulieren oder abzubrechen ."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040979",
          "T040978",
          "T040981",
          "T040980"
        ]
      },
      "release_date": "2025-02-10T23:00:00.000+00:00",
      "title": "CVE-2024-10334"
    }
  ]
}

7PAA012159

Vulnerability from csaf_abb - Published: 2025-02-10 00:30 - Updated: 2025-02-10 00:30

Summary

System 800xA 5.1.x, 6.0.3.x, 6.1.1.x, 6.2.x - VideONet Camera passwords stored in clear text

Notes

Summary

ABB is aware of a vulnerability related to the VideONet product. The vulnerability is applicable in the System 800xA versions listed as affected in the advisory, where the VideONet product is used. There will be no update/resolution of this vulnerability in System 800xA. Instead, the strategy for ABB is to offer existing customers using VideONet a transfer to a new product, Camera Connect. This will be offered as soon as Camera Connect is available as a product. An attacker who successfully exploited the vulnerability could, in the worst-case scenario, stop or manipulate the video feed. There is no impact to other Operator station functions (graphics, trends, faceplates, etc.) and Control operations are not impacted at all.

General security recommendations

Control systems and the control network are exposed to cyber threats. In order to minimize these risks, the protective measures and best practices listed below are available in addition to other measures. ABB strongly recommends system integrators and asset owners to implement the measures they consider appropriate for their control system environment: – Place control systems in a dedicated control network containing control systems only. – Locate control networks and systems behind firewalls and separate them from any other networks like business networks and the Internet. – Block any inbound Internet traffic destined for the control networks/systems. Place remote access systems used for remote control system access outside the control network. – Limit outbound Internet traffic originating from control systems/networks as much as possible. If control systems must talk to the Internet, tailor firewall rules to required resources allow only source IPs, destination IPs and services/destination ports which control systems definitely need to use for normal control operation. – If Internet access is required on occasion only, disable relevant firewall rules and enable them during the time window of required Internet access only. If supported by your firewall, define an expiry date and time for such rules after the expiry date and time, the firewall will disable the rule automatically. – Limit exposure of control networks/systems to internal systems. Tailor firewall rules allowing traffic from internal systems to control networks/systems to allow only source IPs, destination IPs and services/destination ports which are definitely required for normal control operation. – Create strict firewall rules to filter malicious network traffic targeting control system ("exploit traffic"). Exploit traffic may use network communication features like source routing, IP fragmentation and/or IP tunneling. If such features are not required for normal control operation, block them on your firewall. – If supported by your firewall, apply additional filters to allowed traffic which provide protection for control networks/systems. Such filters are provided by advanced firewall features like Application Control and Anti-Virus. – Use Intrusion Detection Systems (IDS) or Intrusion Preventions Systems (IPS) to detect/block control system specific exploit traffic. Consider using IPS rules protecting against control system exploits. – When remote access is required, use secure methods, such as Virtual Private Networks (VPNs). Please ensure that VPN solutions are updated to the most current version available. – In case you want to filter internal control network traffic, consider using solutions supporting Intra-LAN traffic control like VLAN access control lists. – Harden your control systems by enabling only the ports, services and software required for normal control operation. Disable all other ports and disable/uninstall all other services and software. – If possible, limit the permissions of user accounts, software processes and devices to the permissions required for normal control operation. – Use trusted, patched software and malware protection solutions. Interact with trusted websites and trusted email attachments only. – Ensure all nodes are always up to date in terms of installed software, operating system and firmware patches as well as anti-virus and firewall. – Protect control systems from physical access by unauthorized personnel e.g. by placing them in locked switch cabinets. More information on recommended practices can be found in the reference section (3BSE034463D6200).

Support

For additional instructions and support please contact your local ABB service organization. For contact information, see www.abb.com/contactcenters. Information about ABB's cyber security program and capabilities can be found at www.abb.com/cybersecurity

Notice

The information in this document is subject to change without notice, and should not be construed as a commitment by ABB. ABB provides no warranty, express or implied, including warranties of merchantability and fitness for a particular purpose, for the information contained in this document, and assumes no responsibility for any errors that may appear in this document. In no event shall ABB or any of its suppliers be liable for direct, indirect, special, incidental or consequential damages of any nature or kind arising from the use of this document, or from the use of any hardware or software described in this document, even if ABB or its suppliers have been advised of the possibility of such damages. This document and parts hereof must not be reproduced or copied without written permission from ABB, and the contents hereof must not be imparted to a third party nor used for any unauthorized purpose. All rights to registrations and trademarks reside with their respective owners.

Workarounds

The only possible workaround is to secure and protect the network where VideONet is running and the VideONet Server from unauthorized access. The workaround will not correct the underlying vulnerability, but it helps blocking known attack vectors. Refer to section “General security recommendations” for further advise on how to keep your system secure.

Mitigating factors

Follow the guidelines in the System 800xA VideONet Connect user documentation (2PAA109407*) to secure and protect the installation of, and the network where VideONet is running. Refer to section “General security recommendations” for further advice on how to keep your system secure.

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "\u00a9 Copyright 2024 ABB. All rights reserved.",
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "ABB is aware of a vulnerability related to the VideONet product. The vulnerability is applicable in the System 800xA versions listed as affected in the advisory, where the VideONet product is used. There will be no update/resolution of this vulnerability in System 800xA. Instead, the strategy for ABB is to offer existing customers using VideONet a transfer to a new product, Camera Connect. This will be offered as soon as Camera Connect is available as a product.\nAn attacker who successfully exploited the vulnerability could, in the worst-case scenario, stop or manipulate the video feed.\nThere is no impact to other Operator station functions (graphics, trends, faceplates, etc.) and Control operations are not impacted at all.",
        "title": "Summary"
      },
      {
        "category": "other",
        "text": "Control systems and the control network are exposed to cyber threats. In order to minimize these risks, the protective measures and best practices listed below are available in addition to other measures. ABB strongly recommends system integrators and asset owners to implement the measures they consider appropriate for their control system environment:\n\n\n\u2013\tPlace control systems in a dedicated control network containing control systems only.\n\n\n\u2013\tLocate control networks and systems behind firewalls and separate them from any other networks like business networks and the Internet.\n\n\n\u2013\tBlock any inbound Internet traffic destined for the control networks/systems. Place remote access systems used for remote control system access outside the control network.\n\n\n\u2013\tLimit outbound Internet traffic originating from control systems/networks as much as possible. If control systems must talk to the Internet, tailor firewall rules to required resources allow only source IPs, destination IPs and services/destination ports which control systems definitely need to use for normal control operation.\n\n\n\u2013\tIf Internet access is required on occasion only, disable relevant firewall rules and enable them during the time window of required Internet access only. If supported by your firewall, define an expiry date and time for such rules after the expiry date and time, the firewall will disable the rule automatically.\n\n\n\u2013\tLimit exposure of control networks/systems to internal systems. Tailor firewall rules allowing traffic from internal systems to control networks/systems to allow only source IPs, destination IPs and services/destination ports which are definitely required for normal control operation.\n\n\n\u2013\tCreate strict firewall rules to filter malicious network traffic targeting control system (\"exploit traffic\"). Exploit traffic may use network communication features like source routing, IP fragmentation and/or IP tunneling. If such features are not required for normal control operation, block them on your firewall.\n\n\n\u2013\tIf supported by your firewall, apply additional filters to allowed traffic which provide protection for control networks/systems. Such filters are provided by advanced firewall features like Application Control and Anti-Virus.\n\n\n\u2013\tUse Intrusion Detection Systems (IDS) or Intrusion Preventions Systems (IPS) to detect/block control system specific exploit traffic. Consider using IPS rules protecting against control system exploits.\n\n\n\u2013\tWhen remote access is required, use secure methods, such as Virtual Private Networks (VPNs). Please ensure that VPN solutions are updated to the most current version available.\n\n\n\u2013\tIn case you want to filter internal control network traffic, consider using solutions supporting Intra-LAN traffic control like VLAN access control lists.\n\n\n\u2013\tHarden your control systems by enabling only the ports, services and software required for normal control operation. Disable all other ports and disable/uninstall all other services and software.\n\n\n\u2013\tIf possible, limit the permissions of user accounts, software processes and devices to the permissions required for normal control operation.\n\n\n\u2013\tUse trusted, patched software and malware protection solutions. Interact with trusted websites and trusted email attachments only.\n\n\n\u2013\tEnsure all nodes are always up to date in terms of installed software, operating system and firmware patches as well as anti-virus and firewall.\n\n\n\u2013\tProtect control systems from physical access by unauthorized personnel e.g. by placing them in locked switch cabinets.\n\nMore information on recommended practices can be found in the reference section (3BSE034463D6200).\n",
        "title": "General security recommendations"
      },
      {
        "category": "other",
        "text": "For additional instructions and support please contact your local ABB service organization. For contact information, see www.abb.com/contactcenters.\nInformation about ABB\u0027s cyber security program and capabilities can be found at www.abb.com/cybersecurity\n",
        "title": "Support"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information in this document is subject to change without notice, and should not be construed as a commitment by ABB.\nABB provides no warranty, express or implied, including warranties of merchantability and fitness for a particular purpose, for the information contained in this document, and assumes no responsibility for any errors that may appear in this document. In no event shall ABB or any of its suppliers be liable for direct, indirect, special, incidental or consequential damages of any nature or kind arising from the use of this document, or from the use of any hardware or software described in this document, even if ABB or its suppliers have been advised of the possibility of such damages.\nThis document and parts hereof must not be reproduced or copied without written permission from ABB, and the contents hereof must not be imparted to a third party nor used for any unauthorized purpose.\nAll rights to registrations and trademarks reside with their respective owners.\n",
        "title": "Notice"
      },
      {
        "category": "general",
        "text": "The only possible workaround is to secure and protect the network where VideONet is running and the VideONet Server from unauthorized access.\nThe workaround will not correct the underlying vulnerability, but it helps blocking known attack vectors.  Refer to section \u201cGeneral security recommendations\u201d for further advise on how to keep your system secure. \n",
        "title": "Workarounds"
      },
      {
        "category": "general",
        "text": "Follow the guidelines in the System 800xA VideONet Connect user documentation (2PAA109407*) to secure and protect the installation of, and the network where VideONet is running.\nRefer to section \u201cGeneral security recommendations\u201d for further advice on how to keep your system secure.\n",
        "title": "Mitigating factors"
      }
    ],
    "publisher": {
      "category": "vendor",
      "name": "ABB PSIRT",
      "namespace": "https://global.abb/group/en/technology/cyber-security/alerts-and-notifications"
    },
    "references": [
      {
        "category": "self",
        "summary": "ABB CYBERSECURITY ADVISORY - PDF version ",
        "url": "https://search.abb.com/library/Download.aspx?DocumentID=7PAA012159\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
      },
      {
        "summary": "System 800xA 6.2 Reference - Network Configuration (3BSE034463D6200)",
        "url": "http://search.abb.com/library/Download.aspx?DocumentID=3BSE034463D6200\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
      },
      {
        "summary": "System 800xA 6.2 Operations \u2013 VideONet Connect (2PAA109407D6200)",
        "url": "http://search.abb.com/library/Download.aspx?DocumentID=2PAA109407D6200\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
      },
      {
        "category": "self",
        "summary": "ABB CYBERSECURITY ADVISORY - CSAF version ",
        "url": "https://psirt.abb.com/csaf/2025/7paa012159.json"
      }
    ],
    "title": "System 800xA 5.1.x, 6.0.3.x, 6.1.1.x, 6.2.x - VideONet Camera passwords stored in clear text",
    "tracking": {
      "current_release_date": "2025-02-10T00:30:00.000Z",
      "generator": {
        "date": "2025-09-23T17:01:19.008Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.35"
        }
      },
      "id": "7PAA012159",
      "initial_release_date": "2025-02-10T00:30:00.000Z",
      "revision_history": [
        {
          "date": "2025-02-10T00:30:00.000Z",
          "legacy_version": "A",
          "number": "1",
          "summary": "Initial version. "
        },
        {
          "date": "2025-02-10T00:30:00.000Z",
          "legacy_version": "B",
          "number": "2",
          "summary": "There were some minor corrections"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "6.0.3.*",
                "product": {
                  "name": "System 800xA6.0.3.x",
                  "product_id": "AV2"
                }
              },
              {
                "category": "product_version_range",
                "name": "6.1.1.*",
                "product": {
                  "name": "System 800xA 6.1.1.x",
                  "product_id": "AV3"
                }
              },
              {
                "category": "product_version_range",
                "name": "6.2.*",
                "product": {
                  "name": "System 800xA 6.2.x",
                  "product_id": "AV4"
                }
              },
              {
                "category": "product_version_range",
                "name": "5.1.*",
                "product": {
                  "name": "System 800xA 5.1.x",
                  "product_id": "AV1"
                }
              }
            ],
            "category": "product_name",
            "name": "System 800xA "
          }
        ],
        "category": "vendor",
        "name": "ABB"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-10334",
      "cwe": {
        "id": "CWE-256",
        "name": "Plaintext Storage of a Password"
      },
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability exists in the VideONet product included in the listed System 800xA versions, where VideONet is used.  An attacker who successfully exploited this vulnerability could retrieve the login credentials for all cameras and manipulate or stop the video feed.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "known_affected": [
          "AV1",
          "AV2",
          "AV3",
          "AV4"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "NVD - CVE-2024-10334",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10334"
        }
      ],
      "remediations": [
        {
          "category": "no_fix_planned",
          "details": "ABB recommends following the guidelines described in the System 800xA VideONet Connect user documentation (2PAA109407*). The user documentation explains how to protect the network on which cameras are connected from unauthorized access and the recommended deployment. Similarly, it is important to protect the VideONet Server from unauthorized access.\nThere will be no update for VideONet in System 800xA. Instead, the recommendation is to transfer to the new product, Camera Connect, as soon as it becomes available. Camera Connect is expected to be released in the first half of 2025. Customers may proactively reach out to their ABB contact in case they would like to receive further information about the new Camera Connect solution.\nEnsure that the camera user accounts used by System 800xA only have the minimum level of permission needed to perform the required task, e.g. do not use an administrator or superuser account. This limits the potential damage from a leaked password.\n",
          "product_ids": [
            "AV1",
            "AV2",
            "AV3",
            "AV4"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 6.2,
            "environmentalSeverity": "MEDIUM",
            "exploitCodeMaturity": "UNPROVEN",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "remediationLevel": "UNAVAILABLE",
            "reportConfidence": "UNKNOWN",
            "scope": "UNCHANGED",
            "temporalScore": 6.2,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H/E:U/RL:U/RC:U",
            "version": "3.1"
          },
          "products": [
            "AV1",
            "AV2",
            "AV3",
            "AV4"
          ]
        }
      ],
      "title": "CVE-2024-10334"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-10334 (GCVE-0-2024-10334)

GHSA-7348-RMW4-RHVW

FKIE_CVE-2024-10334

WID-SEC-W-2025-0306

7PAA012159

Tags

Sightings

Nomenclature