CVE-2024-2453

CVSS 3.1 Score 6.4 of 10 (medium)

Details

Published Mar 21, 2024

Updated: Mar 22, 2024

CWE ID 89

Summary

CVE-2024-2453 is a newly identified SQL injection vulnerability affecting Advantech WebAccess/SCADA software. This issue enables authenticated attackers to remotely inject SQL code into the database, potentially granting unauthorized access to sensitive data. Successfully exploiting this vulnerability could lead to data modification or theft, posing a significant risk to organizations utilizing this software. It is crucial that affected organizations apply the necessary patches or mitigations to protect their databases from potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/ugMbye
https://www.cve.org/CVERecord?id=CVE-2024-2453
https://nvd.nist.gov/vuln/detail/CVE-2024-2453

Back to Vulnerability Database

CVE-2024-2453

CVSS 3.1 Score 6.4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations