CVE-2024-10575

10.0

Critical

Published:13 Nov 2024

Last updated:17 Jun 2026

Source:cybersecurity@se.com

Analyzed

Weakness (CWE)

CWE-862Missing Authorization

CVSS Vector

v4.0

Attack Vector: Network
Attack Complexity: Low
Attack Requirements: None
Privileges Required: None
User Interaction: None
Confidentiality (Vulnerable): High
Integrity (Vulnerable): High
Availability (Vulnerable): High
Confidentiality (Subsequent): High
Integrity (Subsequent): Low
Availability (Subsequent): High

View on MITRE Find PoC on GitHub

Description

CWE-862: Missing Authorization vulnerability exists that could cause unauthorized access when enabled on the network and potentially impacting connected devices.

References

cybersecurity@se.com

https://download.schneider-electric.com/doc/SEVD-2024-317-04/SEVD-2024-317-04.pdf