CVE-2024-30189

CVSS 3.1 Score 6.1 of 10 (medium)

Attack Complexity low
Confidentiality high
Scope changed
Privileges Required low
Integrity none
Availability none

Details

Published Apr 9, 2024
CWE ID 290

Summary

CVE-2024-30189 designates a vulnerability affecting multiple Siemens SCALANCE series devices, including W721-1, W722-1, W734-1, W738-1, W748-1, W761-1, W774-1, W778-1, W786-1, W786-2, W788-1, and W788-2 models. These devices queue frames before changing their security context, potentially exposing the frames to a physically proximate attacker. This issue is a variant of CVE-2022-47522's Scenario 1, "Leak frames from the Wi-Fi queue," allowing the attacker to intercept possibly cleartext target-destined frames.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share