CVE-2024-33897
CVSS 3.1 Score 9.1 of 10 (high)
Details
Published Aug 6, 2024
Updated: Oct 10, 2024
CWE ID 425
Summary
CVE-2024-33897: A vulnerability was discovered in HMS Networks Cosy+ devices, allowing a compromised device to request a Certificate Signing Request from Talk2m for another device. This issue could lead to an availability problem. The vulnerability was addressed on Talk2m's production server on April 18, 2024. Unauthorized access to a Cosy+ device could potentially manipulate certificate requests, causing availability disruptions. This vulnerability underscores the importance of securing IoT devices and their communication channels.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- HMS Industrial Networks AB