Description
A vulnerability allows attackers to download source code or an executable from a remote location and execute the code without sufficiently verifying the origin and integrity of the code. This vulnerability can allow attackers to modify the firmware before uploading it to the system, thus achieving the modification of the target’s integrity to achieve an insecure state.
References (1)
Core 1
Core References
Various Sources
https://advisories.ncsc.nl/advisory?id=NCSC-2024-0273
Scores
CVSS v3
9.8
EPSS
0.0025
EPSS Percentile
16.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
CWE
CWE-494
Status
published
Products (1)
Kiloview/P1/P2
All - 4.8.2605
Published
Jul 02, 2024
Tracked Since
Feb 18, 2026