CVE-2024-35295
CVE-2024-35295
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 5.2EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
11 jun 2025Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A vulnerability has been identified in Perfect Harmony GH180 (All versions >= V8.0 < V8.3.3 with NXGPro+ controller manufactured between April 2020 to April 2025). The maintenance connection of affected devices fails to protect access to the device's control unit configuration. This could allow an attacker with physical access to the maintenance connection's door port to perform arbitrary configuration changes.
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
Produtos afetados
Innomotics · Perfect Harmony GH180