CVE-2024-8458

Summary

CVE-2024-8458 is a newly disclosed vulnerability affecting certain switch models from PLANET Technology. The issue resides in the web application of these switches, which is susceptible to Cross-Site Request Forgery (CSRF) attacks. An attacker, who is not authenticated, can manipulate users into visiting a malicious website. This enables the adversary to impersonate the user and execute actions on their behalf, such as creating new accounts. These activities can potentially lead to unauthorized access, data breaches, or other undesirable outcomes. Users are advised to upgrade their switch firmware to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.