CVE-2024-42417

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Oct 3, 2024

Updated: Oct 4, 2024

CWE ID 89

Summary

CVE-2024-42417 identifies a vulnerability in Delta Electronics DIAEnergie, specifically an SQL injection flaw in the Handler_CFG.ashx script. This vulnerability allows authenticated attackers to exploit the system, potentially leading to delays and affecting the product's operation. The severity of this vulnerability is rated as high, with a CVSS base score of 8.8, indicating significant risks to confidentiality and integrity. Remediation measures can be found on Delta's cybersecurity advisory page and related advisories from CISA. Organizations utilizing affected products should prioritize patching to mitigate potential threats associated with this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database