exploitDog

CVE-2024-22807

Опубликовано: 22 апр. 2024

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to erase a critical sector of the flash memory, causing the machine to lose network connectivity and suffer from firmware corruption.

Ссылки

https://gist.github.com/VcuCyber/51075894d1728db07fc2df286c003df9
Third Party Advisory
https://gist.github.com/VcuCyber/51075894d1728db07fc2df286c003df9
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:tormach:pathpilot_controller:2.9.6:*:*:*:*:*:*:*

cpe:2.3:h:tormach:xstech_cnc_router:-:*:*:*:*:*:*:*

EPSS

Процентиль: 29%

0.00107

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-284

Связанные уязвимости

GHSA-vq5q-96mp-22gj

CVSS3: 6.5

github

почти 2 года назад

An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to erase a critical sector of the flash memory, causing the machine to lose network connectivity and suffer from firmware corruption.

EPSS

Процентиль: 29%

0.00107

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-284