CVE-2024-9928
CVE-2024-9928
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 5.3EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Ciclo de vida
26 nov 2024Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A vulnerability exists in NSD570 login panel that does not restrict excessive authentication attempts. If exploited, this could
cause account takeover and unauthorized access to the system
when an attacker conducts brute-force attacks against the
equipment login. Note that the system supports only one concurrent session and implements a delay of more than a second
between failed login attempts making it difficult to automate the
attacks.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Productos afectados
Hitachi Energy · NSD570 Teleprotection Equipment¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →