CVE-2024-3016

CRITICAL

NEC Platforms DT900-5.3.4.4 - Info Disclosure

Title source: llm

Description

NEC Platforms DT900 and DT900S Series 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20 allows an attacker to access a non-documented the system settings to change settings via local network with unauthenticated user.

References (1)

[Various Sources] https://jpn.nec.com/security-info/secinfo/nv24-002_en.html

Scores

CVSS v3 9.1

EPSS 0.0040

EPSS Percentile 60.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-912

Status published

Products (22)

NEC Platforms, Ltd/ITK-12D-1(BK)TEL 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20

NEC Platforms, Ltd/ITK-12D-1P(BK)TEL 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20

NEC Platforms, Ltd/ITK-12DG-1P(BK)TEL 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20

NEC Platforms, Ltd/ITK-32LCG-1P(BK)TEL 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20

NEC Platforms, Ltd/ITK-32LCGS-1(BK) TEL 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20

NEC Platforms, Ltd/ITK-32LCGS-1A(BK) TEL 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20

NEC Platforms, Ltd/ITK-32LCGS-1P(BK) TEL 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20

NEC Platforms, Ltd/ITK-32TCG-1P(BK)TEL 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20

NEC Platforms, Ltd/ITK-32TCGS-1(BK) TEL 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20

NEC Platforms, Ltd/ITK-32TCGS-1A(BK) TEL 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20

... and 12 more

Published May 14, 2024

Tracked Since Feb 18, 2026