CVE-2024-50628

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Dec 9, 2024
Updated: Dec 11, 2024
CWE ID 862

Summary

CVE-2024-50628 is a vulnerability affecting Digi ConnectPort LTS web services prior to version 1.4.12. An attacker on a local area network can exploit this issue to gain unauthorized access and manipulate resources. While this vulnerability does not result in remote code execution on its own, it can be combined with other vulnerabilities to facilitate such an attack. This poses a significant security risk for organizations using affected versions of Digi ConnectPort LTS. It is strongly recommended that users upgrade to the patched version as soon as possible to mitigate this threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share