CVE-2024-39290
CVSS 3.0 Score 6.5 of 10 (medium)
Details
Summary
CVE-2024-39290 is a newly disclosed vulnerability affecting Aiphonix's IX SYSTEM and IXG SYSTEM. This issue arises from insufficient credential protection, allowing network-adjacent, unauthenticated attackers to gain access to sensitive information, including usernames and their corresponding passwords, which are stored in the address book. The impact of this vulnerability is significant, as it enables attackers to potentially compromise other parts of the system using the obtained credentials. It is crucial for users to update their devices as soon as a patch becomes available to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.