CVE-2024-30190
CVSS 3.1 Score 6.1 of 10 (medium)
Details
Summary
CVE-2024-30190 is a vulnerability affecting multiple Schneider Electric SCALANCE switch models, including W1748-1 M12, W1788-1 M12, W721-1 RJ45, W722-1 RJ45, W734-1 RJ45, W738-1 M12, W748-1 M12, W761-1 RJ45, W774-1 RJ45, W778-1 M12, W786-1 RJ45, W786-2 RJ45, W786-2 SFP, W786-2IA RJ45, W788-1 M12, W788-1 RJ45, W788-2 M12, W788-2 M12 EEC, W788-2 RJ45, WAM763-1, WAM766-1 (EU), WAM766-1 (US), WUM763-1, and WUM766-1. This vulnerability falls under Scenario 2 "Abuse the queue for network disruptions" of CVE-2022-47522. Affected devices can be manipulated by an attacker in close proximity to enable their power-saving mechanisms for a victim client, potentially allowing the attacker to execute disconnection and denial-of-service attacks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Vendors
- Siemens AG