CVE-2024-49396

Elvaco - Auth Bypass

Title source: llm

Description

The affected product is vulnerable due to insufficiently protected credentials, which may allow an attacker to impersonate Elvaco and send false information.

References (1)

[Third Party Advisory, US Government Resource] https://www.cisa.gov/news-events/ics-advisories/icsa-24-291-01

Scores

EPSS 0.0029

EPSS Percentile 52.5%

Classification

CWE

CWE-522

Status draft

Timeline

Published Oct 17, 2024

Tracked Since Feb 18, 2026