CVE-2024-42470
CVSS 3.1 Score 9.1 of 10 (high)
Details
Published Aug 12, 2024
Updated: Sep 12, 2024
CWE ID 862
Summary
CVE-2024-42470 is a vulnerability affecting the CometVisu add-on of openHAB, an open-source home automation software. In versions prior to 4.2.1, several endpoints lack authentication. Consequently, unauthenticated attackers can exploit this weakness to modify data or steal sensitive information, posing a risk of data disclosure. To mitigate this vulnerability, users are advised to upgrade to the patched version 4.2.1 of the CometVisu add-on.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share