CVERadar

CVE-2024-27201

Medium Severity
Vendor: Openautomationsoftware
SVRS: 30/100
CVSSv3: NA/10
EPSS: 0.00175/1

CVE-2024-27201: Improper input validation in Open Automation Software (OAS) Platform could lead to unexpected data in the configuration. This vulnerability allows attackers to manipulate network requests, potentially compromising the system.

CVE-2024-27201 affects Open Automation Software OAS Platform V19.00.0057, specifically within the OAS Engine User Configuration. Despite a CVSS score of 0, the SVRS of 30 suggests a moderate risk, indicating that while not critical, the vulnerability should be addressed. An attacker exploiting this flaw could craft specific network requests causing the system to behave in an unintended manner by injecting unexpected data into the configuration. This could potentially lead to unauthorized access or data corruption. While not deemed immediately critical, continuous monitoring is advised due to the "In The Wild" tag. Proper input validation is crucial to mitigate risks.

In The Wild
2024-04-03

2025-01-23

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

No news found for this CVE

Social Media

No tweets found for this CVE

Affected Software

Configuration 1
Type | Vendor | Product
App | Openautomationsoftware | open_automation_software

References

Reference | Link
[email protected] | https://talosintelligence.com/vulnerability_reports/TALOS-2024-1949
AF854A3A-2127-422B-91AE-364DA2661108 | https://talosintelligence.com/vulnerability_reports/TALOS-2024-1949
[email protected] | https://talosintelligence.com/vulnerability_reports/TALOS-2024-1949

CWE Details

CWE ID | CWE Name | Description
CWE-20 | Improper Input Validation | The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
