CVE-2024-41939

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 13, 2024

Updated: Aug 14, 2024

CWE ID 863

Summary

CVE-2024-41939 is a newly discovered vulnerability that affects all versions of SINEC Network Management System (NMS) prior to V3.0. The issue lies in the application's authorization checks, which are not properly implemented. An authenticated attacker can exploit this weakness to bypass the checks and gain elevated privileges within the system. Successful exploitation could lead to unauthorized access and potential data breaches or system disruptions. It is recommended that users upgrade to the latest version of SINEC NMS to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/xNkBmG
https://www.cve.org/CVERecord?id=CVE-2024-41939
https://nvd.nist.gov/vuln/detail/CVE-2024-41939

Back to Vulnerability Database

CVE-2024-41939

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations