CVE-2024-1480

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Apr 19, 2024

Updated: Apr 22, 2024

CWE ID 257

Summary

CVE-2024-1480 is a newly disclosed vulnerability affecting Unitronics Vision Standard line of controllers. Malicious actors can retrieve the Information Mode password without authentication, posing a significant risk for unauthorized access and potential manipulation of controller settings. This issue could lead to various consequences, including production downtime, data breaches, or even more severe system compromises. Users are strongly advised to apply the necessary patches or workarounds provided by Unitronics to mitigate this vulnerability and secure their controllers from potential threats.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/veTFic
https://www.cve.org/CVERecord?id=CVE-2024-1480
https://nvd.nist.gov/vuln/detail/CVE-2024-1480

Back to Vulnerability Database

CVE-2024-1480

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations