VDE-2024-068
Vulnerability from csaf_mbconnectlinegmbh - Published: 2024-10-15 08:00 - Updated: 2026-03-06 08:00Summary
MB connect line: Multiple Vulnerabilities in MB connect line Products
Notes
Summary: Multiple vulnerabilities have been discovered in MB connect line products that could allow RCE or unauthorized file access.
CVE-2024-45272 affects the mbCONNECT24 and mymbCONNECT24 products.
CVE-2024-45273 affects the mbNET/mbNET.rokey, mbCONNECT24, mymbCONNECT24, mbNET HW1, and mbSPIDER products.
CVE-2024-45275 affects only the mbNET HW1 product.
Impact: CVE-2024-45272 allows brute-force attacks against remote credentials with a high probability of success.
CVE-2024-45273 allows undetectable tampering and manipulation of encrypted configuration files.
CVE-2024-45275 allow remote code execution with system privileges, resulting in full compromise of the device
Remediation: Update mbNET/mbNET.rokey to the version 8.2.1\
Update mbCONNECT24, mymbCONNECT24 to the version 2.16.3\
**Note**: mbNET HW1 and mbSPIDER are EOL and will not receive any further updates.
The devices contain two hard coded user accounts with hardcoded passwords that allow an unauthenticated remote attacker for full control of the affected devices.
9.8 (Critical)
Vendor Fix
**Note**: mbNET HW1 and mbSPIDER are EOL and will not receive any further updates.
An unauthenticated local attacker can decrypt the devices config file and therefore compromise the device due to a weak implementation of the encryption used.
8.4 (High)
Vendor Fix
Update mbNET/mbNET.rokey to the version 8.2.1\
Update mbCONNECT24, mymbCONNECT24 to the version 2.16.3\
**Note**: mbNET HW1 and mbSPIDER are EOL and will not receive any further updates.
An unauthenticated remote attacker can perform a brute-force attack on the credentials of the remote service portal with a high chance of success, resulting in connection lost.
7.5 (High)
Vendor Fix
Update mbCONNECT24, mymbCONNECT24 to the version 2.16.3
References
Acknowledgments
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
},
{
"names": [
"Moritz Abrell"
],
"organization": "SySS GmbH",
"summary": "reporting",
"urls": [
"https://www.syss.de"
]
},
{
"organization": "Marcel Rick-Cen",
"summary": "reporting"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "Multiple vulnerabilities have been discovered in MB connect line products that could allow RCE or unauthorized file access.\n\nCVE-2024-45272 affects the mbCONNECT24 and mymbCONNECT24 products.\n\nCVE-2024-45273 affects the mbNET/mbNET.rokey, mbCONNECT24, mymbCONNECT24, mbNET HW1, and mbSPIDER products.\n\nCVE-2024-45275 affects only the mbNET HW1 product.",
"title": "Summary"
},
{
"category": "description",
"text": "CVE-2024-45272 allows brute-force attacks against remote credentials with a high probability of success.\n\nCVE-2024-45273 allows undetectable tampering and manipulation of encrypted configuration files.\n\nCVE-2024-45275 allow remote code execution with system privileges, resulting in full compromise of the device\n",
"title": "Impact"
},
{
"category": "description",
"text": "Update mbNET/mbNET.rokey to the version 8.2.1\\\nUpdate mbCONNECT24, mymbCONNECT24 to the version 2.16.3\\\n**Note**: mbNET HW1 and mbSPIDER are EOL and will not receive any further updates.",
"title": "Remediation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "security-team@mbconnectline.de",
"name": "MB connect line GmbH",
"namespace": "https://mbconnectline.com"
},
"references": [
{
"category": "external",
"summary": "Product security incident reports",
"url": "https://mbconnectline.com/security-advice"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories for MB connect line",
"url": "https://certvde.com/en/advisories/vendor/mbconnectline"
},
{
"category": "self",
"summary": "VDE-2024-068: MB connect line: Multiple Vulnerabilities in MB connect line Products - HTML",
"url": "https://certvde.com/en/advisories/VDE-2024-068"
},
{
"category": "self",
"summary": "Security Incident Management SIM#2024-04 - PDF",
"url": "https://advisories.mbconnectline.com/pdf/SIM2024-04.pdf"
},
{
"category": "self",
"summary": "VDE-2024-068: MB connect line: Multiple Vulnerabilities in MB connect line Products - CSAF",
"url": "https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2024/vde-2024-068.json"
}
],
"title": "MB connect line: Multiple Vulnerabilities in MB connect line Products",
"tracking": {
"aliases": [
"VDE-2024-068",
"SIM#2024-04"
],
"current_release_date": "2026-03-06T08:00:00.000Z",
"generator": {
"date": "2026-03-06T07:45:42.564Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.43"
}
},
"id": "VDE-2024-068",
"initial_release_date": "2024-10-15T08:00:00.000Z",
"revision_history": [
{
"date": "2024-10-15T08:00:00.000Z",
"number": "1.0.0",
"summary": "Initial revision."
},
{
"date": "2024-11-06T11:27:01.000Z",
"number": "2.0.0",
"summary": "Fix: correct certvde domain, added self-reference"
},
{
"date": "2025-05-14T12:28:19.000Z",
"number": "3.0.0",
"summary": "Fix: version space"
},
{
"date": "2026-03-06T08:00:00.000Z",
"number": "4.0.0",
"summary": "Added CVE-2024-45275"
}
],
"status": "final",
"version": "4.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_family",
"name": "mbCONNECT24",
"product": {
"name": "MB connect line mbCONNECT24",
"product_id": "CSAFPID-11001",
"product_identification_helper": {
"cpe": "cpe:2.3:h:mb_connect_line:mbCONNECT24:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "mbNET HW1",
"product": {
"name": "MB connect line mbNET HW1",
"product_id": "CSAFPID-11002",
"product_identification_helper": {
"model_numbers": [
"MDH 810 (HW01)",
"MDH 811 (HW01)",
"MDH 814 (HW01)",
"MDH 815 (HW01)",
"DH 816 (HW01)",
"DH 819 (HW01)",
"MDH 830 (HW01)",
"MDH 831 (HW01)",
"MDH 834 (HW01) ",
"MDH 835 (HW01)",
"DH 841 (HW01)",
"MDH 849 (HW01)",
"DH 850 EU (HW01)",
"MDH 850 AT\u0026T (HW01)",
"DH 855 EU (HW01)",
"MDH 855 AT\u0026T (HW01)",
"MDH 858 EU (HW01)",
"MDH 858 AT\u0026T (HW01)",
"MDH 859 EU (HW01)",
"MDH 859 AT\u0026T (HW01)"
]
}
}
},
{
"category": "product_name",
"name": "mbNET/mbNET.rokey",
"product": {
"name": "MB connect line mbNET/mbNET.rokey",
"product_id": "CSAFPID-11003",
"product_identification_helper": {
"model_numbers": [
"MDH 811",
"MDH 816",
"MDH 831",
"MDH 835",
"MDH 841",
"MDH 850 EU",
"MDH 850 US",
"MDH 855 EU",
"MDH 855 US",
"MDH 859 EU",
"MDH 859 US",
"MDH 871",
"MDH 876",
"RKH 210",
"RKH 216",
"RKH 235",
"RKH 259 EU",
"RKH 259 US"
]
}
}
},
{
"category": "product_name",
"name": "mbSPIDER",
"product": {
"name": "MB connect line mbSPIDER",
"product_id": "CSAFPID-11005",
"product_identification_helper": {
"model_numbers": [
"MDH 900",
"MDH 901",
"MDH 905",
"MDH 906",
"MDH 907",
"MDH 908",
"MDH 910",
"MDH 911",
"MDH 915",
"MDH 916",
"MDH 918"
]
}
}
},
{
"category": "product_name",
"name": "mymbCONNECT24",
"product": {
"name": "MB connect line mymbCONNECT24",
"product_id": "CSAFPID-11006",
"product_identification_helper": {
"cpe": "cpe:2.3:h:mb_connect_line:mymbCONNECT24:*:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:semver/\u003c=2.16.2",
"product": {
"name": "Firmware \u003c=2.16.2",
"product_id": "CSAFPID-21001"
}
},
{
"category": "product_version_range",
"name": "vers:semver/\u003c=5.1.11",
"product": {
"name": "Firmware \u003c=5.1.11",
"product_id": "CSAFPID-21002"
}
},
{
"category": "product_version_range",
"name": "vers:semver/\u003c=8.2.0",
"product": {
"name": "Firmware \u003c=8.2.0",
"product_id": "CSAFPID-21003"
}
},
{
"category": "product_version_range",
"name": "vers:semver/\u003c=2.6.5",
"product": {
"name": "Firmware \u003c=2.6.5",
"product_id": "CSAFPID-21005"
}
},
{
"category": "product_version",
"name": "8.2.1",
"product": {
"name": "Firmware 8.2.1",
"product_id": "CSAFPID-22002",
"product_identification_helper": {
"cpe": "cpe:2.3:o:mb_connect_line:firmware:8.2.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "2.16.3",
"product": {
"name": "Firmware 2.16.3",
"product_id": "CSAFPID-22003",
"product_identification_helper": {
"cpe": "cpe:2.3:o:mb_connect_line:firmware:2.16.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "2.16.2",
"product": {
"name": "Firmware 2.16.2",
"product_id": "CSAFPID-21004",
"product_identification_helper": {
"cpe": "cpe:2.3:o:mb_connect_line:firmware:2.16.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "5.1.11",
"product": {
"name": "Firmware 5.1.11",
"product_id": "CSAFPID-21006",
"product_identification_helper": {
"cpe": "cpe:2.3:o:mb_connect_line:firmware:5.1.11:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "8.2.0",
"product": {
"name": "Firmware 8.2.0",
"product_id": "CSAFPID-21007",
"product_identification_helper": {
"cpe": "cpe:2.3:o:mb_connect_line:firmware:8.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version",
"name": "2.6.5",
"product": {
"name": "Firmware 2.6.5",
"product_id": "CSAFPID-21008",
"product_identification_helper": {
"cpe": "cpe:2.3:o:mb_connect_line:firmware:2.6.5:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "MB connect line"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31006"
],
"summary": "Affected products."
},
{
"group_id": "CSAFGID-0002",
"product_ids": [
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004"
],
"summary": "Fixed products."
},
{
"group_id": "CSAFGID-0003",
"product_ids": [
"CSAFPID-33002",
"CSAFPID-33003",
"CSAFPID-33001",
"CSAFPID-33004",
"CSAFPID-33005"
],
"summary": "Last affected products."
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=2.16.2 installed on MB connect line mbCONNECT24",
"product_id": "CSAFPID-31001"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=2.16.2 installed on MB connect line mymbCONNECT24",
"product_id": "CSAFPID-31002"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=5.1.11 installed on MB connect line mbNET HW1",
"product_id": "CSAFPID-31003"
},
"product_reference": "CSAFPID-21002",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=8.2.0 installed on MB connect line mbNET/mbNET.rokey",
"product_id": "CSAFPID-31004"
},
"product_reference": "CSAFPID-21003",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=2.6.5 installed on MB connect line mbSPIDER",
"product_id": "CSAFPID-31006"
},
"product_reference": "CSAFPID-21005",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.2.1 installed on MB connect line mbNET/mbNET.rokey",
"product_id": "CSAFPID-32002",
"product_identification_helper": {
"cpe": "cpe:2.3:o:mb_connect_line:firmware:8.2.1:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-22002",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2.16.3 installed on MB connect line mbCONNECT24",
"product_id": "CSAFPID-32003",
"product_identification_helper": {
"cpe": "cpe:2.3:o:mb_connect_line:firmware:2.16.3:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-22003",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2.16.3 installed on MB connect line mymbCONNECT24",
"product_id": "CSAFPID-32004",
"product_identification_helper": {
"cpe": "cpe:2.3:o:mb_connect_line:firmware:2.16.3:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-22003",
"relates_to_product_reference": "CSAFPID-11006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 5.1.11 installed on MB connect line mbNET HW1",
"product_id": "CSAFPID-33001",
"product_identification_helper": {
"cpe": "cpe:2.3:o:mb_connect_line:firmware:5.1.11:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-21006",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2.16.2 installed on MB connect line mbCONNECT24",
"product_id": "CSAFPID-33002",
"product_identification_helper": {
"cpe": "cpe:2.3:o:mb_connect_line:firmware:2.16.2:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-21004",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2.16.2 installed on MB connect line mymbCONNECT24",
"product_id": "CSAFPID-33003",
"product_identification_helper": {
"cpe": "cpe:2.3:o:mb_connect_line:firmware:2.16.2:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-21004",
"relates_to_product_reference": "CSAFPID-11006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2.6.5 installed on MB connect line mbSPIDER",
"product_id": "CSAFPID-33004",
"product_identification_helper": {
"cpe": "cpe:2.3:o:mb_connect_line:firmware:2.6.5:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-21008",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.2.0 installed on MB connect line mbNET/mbNET.rokey",
"product_id": "CSAFPID-33005",
"product_identification_helper": {
"cpe": "cpe:2.3:o:mb_connect_line:firmware:8.2.0:*:*:*:*:*:*:*"
}
},
"product_reference": "CSAFPID-21007",
"relates_to_product_reference": "CSAFPID-11003"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-45275",
"cwe": {
"id": "CWE-798",
"name": "Use of Hard-coded Credentials"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "The devices contain two hard coded user accounts with hardcoded passwords that allow an unauthenticated remote attacker for full control of the affected devices.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-31003"
],
"last_affected": [
"CSAFPID-33001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "**Note**: mbNET HW1 and mbSPIDER are EOL and will not receive any further updates.",
"group_ids": [
"CSAFGID-0001",
"CSAFGID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31003",
"CSAFPID-33001"
]
}
],
"title": "CVE-2024-45275"
},
{
"cve": "CVE-2024-45273",
"cwe": {
"id": "CWE-261",
"name": "Weak Encoding for Password"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "An unauthenticated local attacker can decrypt the devices config file and therefore compromise the device due to a weak implementation of the encryption used.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31006"
],
"last_affected": [
"CSAFPID-33002",
"CSAFPID-33003",
"CSAFPID-33001",
"CSAFPID-33004",
"CSAFPID-33005"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update mbNET/mbNET.rokey to the version 8.2.1\\\nUpdate mbCONNECT24, mymbCONNECT24 to the version 2.16.3\\\n**Note**: mbNET HW1 and mbSPIDER are EOL and will not receive any further updates.",
"group_ids": [
"CSAFGID-0001",
"CSAFGID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.4,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 8.4,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31006",
"CSAFPID-33002",
"CSAFPID-33003",
"CSAFPID-33001",
"CSAFPID-33004",
"CSAFPID-33005"
]
}
],
"title": "CVE-2024-45273"
},
{
"cve": "CVE-2024-45272",
"cwe": {
"id": "CWE-1391",
"name": "Use of Weak Credentials"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "An unauthenticated remote attacker can perform a brute-force attack on the credentials of the remote service portal with a high chance of success, resulting in connection lost.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32003",
"CSAFPID-32004"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
],
"last_affected": [
"CSAFPID-33002",
"CSAFPID-33003"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update mbCONNECT24, mymbCONNECT24 to the version 2.16.3",
"group_ids": [
"CSAFGID-0001",
"CSAFGID-0003"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-33002",
"CSAFPID-33003"
]
}
],
"title": "CVE-2024-45272"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…