CVE-2024-45272

HIGH

Remote Service Portal - DoS

Title source: llm

Description

An unauthenticated remote attacker can perform a brute-force attack on the credentials of the remote service portal with a high chance of success, resulting in connection lost.

References (3)

[Various Sources] https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-061.txt

[Third Party Advisory] https://cert.vde.com/en/advisories/VDE-2024-068

[Third Party Advisory] https://cert.vde.com/en/advisories/VDE-2024-069

Scores

CVSS v3 7.5

EPSS 0.0102

EPSS Percentile 77.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-1391

Status published

Products (13)

helmholz/myrex24_v2_virtual_server < 2.16.3

helmholz/rex_200_firmware < 8.2.1

helmholz/rex_250_firmware < 8.2.1

helmholz/rex_300_firmware < 5.1.11

mbconnectline/mbconnect24 < 2.16.3

mbconnectline/mbnet.rokey_firmware < 8.2.1

mbconnectline/mbnet_firmware < 8.2.1

mbconnectline/mbnet_hw1_firmware < 5.1.11

mbconnectline/mbspider_mdh_905_firmware < 2.6.5

mbconnectline/mbspider_mdh_906_firmware < 2.6.5

... and 3 more

Published Oct 15, 2024

Tracked Since Feb 18, 2026