CVE Radar Logo
CVERadar
CVE Radar Logo
CVERadar

CVE-2024-45841

Medium Severity
SVRS
36/100
CVSSv3
NA/10
EPSS
0.0005/1

CVE-2024-45841: Incorrect permission assignment in UD-LT1 firmware allows unauthorized access. A vulnerability exists where an attacker, using a guest account, can access a specific file containing sensitive credentials. This affects UD-LT1 and UD-LT1/EX firmware versions 2.1.9 and earlier. With a SOCRadar Vulnerability Risk Score (SVRS) of 36, while not critical, this CVE requires monitoring and potential mitigation. Exploitation could lead to unauthorized access and compromise of the affected system. The incorrect permission assignment is classified as CWE-732, highlighting the nature of the vulnerability. Addressing this flaw is crucial to prevent potential credential theft and maintain system security. Although not immediately critical according to the SVRS, the "In The Wild" tag means this is actively being exploited somewhere.

TAGS
In The Wild
VECTOR STRING
PUBLICATION DATE2024-12-05
LAST MODIFIED2024-12-18
Eye Icon
SOCRadar
AI Insight

Description

CVE-2024-45841 is a vulnerability that has not yet been publicly described. It is currently under investigation and has a low CVSS score of 0, reflecting the lack of available information. However, SOCRadar's unique SVRS (SOCRadar Vulnerability Risk Score) assigns a score of 30, indicating a potential vulnerability that could pose moderate risk. The "In The Wild" tag further highlights the urgency, suggesting that this vulnerability is being actively exploited by threat actors.

Key Insights

  • Limited Information: While the exact nature of the vulnerability remains unknown, the "In The Wild" tag strongly suggests that it is being exploited by attackers.
  • Potential for Significant Impact: The SVRS score of 30 indicates a moderate level of risk associated with CVE-2024-45841, implying potential for significant impact, even without detailed information.
  • Active Exploitation: The vulnerability is actively exploited in the wild, indicating a high urgency for immediate action to mitigate the risk.
  • Threat Actor Identification: Due to the lack of available information, the specific threat actors or APT groups involved in exploiting this vulnerability are unknown at this time.

Mitigation Strategies

  • Stay Informed: Continuously monitor for updates and information about CVE-2024-45841 from reputable sources like CISA, NIST, and SOCRadar.
  • Proactive Patching: Implement a robust patching strategy to address known vulnerabilities as soon as possible, including for this CVE as soon as more information becomes available.
  • Threat Intelligence: Utilize threat intelligence feeds and services to stay updated on potential attacks and exploit methods related to this vulnerability.
  • Security Awareness Training: Train users about potential threats and best practices for safe online behavior to mitigate the risk of human error and social engineering attacks.

Additional Information

If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence
Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.
CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs

News

CISA Warns of Active Exploitation of Flaws in Zyxel, ProjectSend, and CyberPanel - The Hacker News
2024-12-05
CISA Warns of Active Exploitation of Flaws in Zyxel, ProjectSend, and CyberPanel - The Hacker News | News Content: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added multiple security flaws affecting products from Zyxel, North Grid Proself, ProjectSend, and CyberPanel to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of vulnerabilities is as follows - CVE-2024-51378 (CVSS score: 10.0) - An incorrect default permissions vulnerability that allows for authentication bypass and the execution of arbitrary commands using shell metacharacters in the statusfile property CVE-2023-45727 (CVSS score: 7.5) - An improper restriction of
google.com
rss
forum
news
Cleo urges customers to patch actively exploited vulnerability. Iran-linked threat actor deploys new ICS malware. - The CyberWire
2024-12-14
Cleo urges customers to patch actively exploited vulnerability. Iran-linked threat actor deploys new ICS malware. - The CyberWire | News Content: By the CyberWire staff At a glance. Cleo urges customers to patch actively exploited vulnerability. Iran-linked threat actor deploys new ICS malware. Chinese APT abuses Visual Studio Code Tunnels for C2 purposes. Radiant Capital attributes $50 million cryptocurrency theft to DPRK hackers. I-O Data is still working on patches for two router zero-days. Nemesis and ShinyHunters target misconfigured websites. Romanian energy company hit by ransomware. Researchers describe Nova, a new version of the Snake Keylogger. Microsoft patches
google.com
rss
forum
news
CISA, Zyxel, ProjectSend ve CyberPanel Ürünlerinde Aktif Olarak Kullanılan Güvenlik Açıkları Hakkında Uyardı
Görkem Hınçer2024-12-13
CISA, Zyxel, ProjectSend ve CyberPanel Ürünlerinde Aktif Olarak Kullanılan Güvenlik Açıkları Hakkında Uyardı | ABD Siber Güvenlik ve Altyapı Güvenliği Ajansı (CISA), Zyxel, North Grid Proself, ProjectSend ve CyberPanel ürünlerini etkileyen çok sayıda güvenlik açığını bilinen istismar edilen güvenlik açıkları (KEV) kataloğuna ekledi. Bu ekleme, söz konusu açıklardan faydalanıldığını gösteren kanıtların bulunmasının ardından yapıldı. Belirlenen güvenlik açıkları şunlardır: CVE-2024-51378 (CVSS puanı: 10.0) Yanlış varsayılan izinler nedeniyle kimlik doğrulama atlanabilir ve durum dosyasındaki özellikler aracılığıyla shell karakterleri kullanılarak rastgele komutlar çalıştırılabilir. CVE-2023-45727 (CVSS puanı: 7.5) XML Dış Varlık (XXE) referansı üzerindeki yetersiz kısıtlama, uzaktan ve
siberguvenlik.web.tr
rss
forum
news
I-O Data is still working on patches for two router zero-days. Medical device manufacturer hit by ransomware. - The CyberWire
2024-12-08
I-O Data is still working on patches for two router zero-days. Medical device manufacturer hit by ransomware. - The CyberWire | News Content: By the CyberWire staff At a glance. I-O Data is still working on patches for two router zero-days. Medical device manufacturer hit by ransomware. Europol operation shuts down phone phishing gang. I-O Data is still working on patches for two router zero-days. Japanese device maker I-O Data is still working on patches for two actively exploited zero-days affecting its routers, SecurityWeek reports. One of the flaws (CVE-2024-45841) can lead
google.com
rss
forum
news
CVE-2024-45841 | I-O DATA DEVICE UD-LT1/UD-LT1 EX up to 2.1.8 permission assignment
vuldb.com2024-12-05
CVE-2024-45841 | I-O DATA DEVICE UD-LT1/UD-LT1 EX up to 2.1.8 permission assignment | A vulnerability classified as problematic has been found in I-O DATA DEVICE UD-LT1 and UD-LT1 EX up to 2.1.8. This affects an unknown part. The manipulation leads to incorrect permission assignment. This vulnerability is uniquely identified as CVE-2024-45841. It is possible to initiate the attack remotely. There is no
vuldb.com
rss
forum
news
I-O DATA Routers Command Injection Vulnerabilities Actively Exploited in Attacks
Divya2024-12-05
I-O DATA Routers Command Injection Vulnerabilities Actively Exploited in Attacks | I-O DATA DEVICE, INC. has announced that several critical vulnerabilities in their UD-LT1 and UD-LT1/EX routers are being actively exploited. These vulnerabilities pose significant risks to users, necessitating urgent attention and action. Below is a detailed look at each vulnerability, its potential impact, and the solutions provided. CVE-2024-45841: Incorrect Permission Assignment for Critical Resource This […] The post I-O DATA Routers Command Injection Vulnerabilities Actively Exploited
gbhackers.com
rss
forum
news

Social Media

CVE-2024-45841 Incorrect permission assignment for critical resource issue exists in UD-LT1 firmware Ver.2.1.8 and earlier and UD-LT1/EX firmware Ver.2.1.8 and earlier. If an attack… https://t.co/dgQDMOBTks
0
0
1
I-O DATA Routers Under Attack: Urgent Firmware Update Needed! Protect your I-O DATA router from CVE-2024-45841 and other vulnerabilities. Learn how to secure your device and prevent credential theft and command execution. https://t.co/BOdGP07eBm
0
0
0

Affected Software

No affected software found for this CVE

References

ReferenceLink
[email protected]https://jvn.jp/en/jp/JVN46615026/
[email protected]https://www.iodata.jp/support/information/2024/11_ud-lt1/

CWE Details

CWE IDCWE NameDescription
CWE-732Incorrect Permission Assignment for Critical ResourceThe product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence