CVE-2024-30191

CVSS 3.1 Score 8.4 of 10 (high)

Details

Published Apr 9, 2024

CWE ID 290

Summary

CVE-2024-30191 is a vulnerability affecting multiple Siemens SCALANCE switch models, including W1748-1, W1788-1, W721-1, W734-1, W774-1, and W786-1. This issue is categorized under Scenario 3 of CVE-2022-47522, which deals with overriding the client's security context. Malicious actors can exploit this vulnerability by tricking affected devices into associating a newly negotiated, attacker-controlled, security context with frames belonging to a victim. This allows the attacker to decrypt frames intended for the victim, potentially compromising their communication or data.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Siemens AG

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/vSO4rD
https://www.cve.org/CVERecord?id=CVE-2024-30191
https://nvd.nist.gov/vuln/detail/CVE-2024-30191

Back to Vulnerability Database

CVE-2024-30191

CVSS 3.1 Score 8.4 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations