CVERadar

CVE-2024-5404

Medium Severity

SVRS

30/100

CVSSv3

NA/10

EPSS

0.00646/1

CVE-2024-5404: Moneo appliance admin password change vulnerability. This flaw allows an unauthenticated remote attacker to change the administrator password due to a weak password recovery mechanism. The low SVRS score of 30 suggests the threat is not currently critical, but monitoring is advised. The vulnerability resides in the password reset functionality. Successful exploitation grants an attacker full administrative control over the affected Moneo appliance. Despite the low SVRS, the "In The Wild" tag suggests potential for increased risk. Organizations using Moneo should review and strengthen their password recovery process to mitigate this risk.

TAGS

In The Wild

VECTOR STRING

PUBLICATION DATE2024-06-03

LAST MODIFIED2024-06-03

SOCRadar

AI Insight

Description

CVE-2024-5404 is a critical vulnerability in moneo appliances that allows an unauthenticated remote attacker to change the admin password due to a weak password recovery mechanism. The CVSS score of 9.8 indicates the high severity of this vulnerability, while the SVRS of 30 suggests that it is not as critical as other vulnerabilities with SVRS scores above 80. However, it is still important to address this vulnerability promptly to prevent potential attacks.

Key Insights

Unauthenticated Remote Attack: This vulnerability can be exploited by an attacker without the need for any authentication, making it easier for attackers to compromise the system.
Password Change: The attacker can change the admin password, giving them full control over the appliance. This could allow them to access sensitive data, modify configurations, or even launch further attacks.
In The Wild: This vulnerability is actively being exploited by hackers, making it crucial to take immediate action to mitigate the risk.

Mitigation Strategies

Update Software: Apply the latest software updates from the vendor to patch the vulnerability.
Strong Passwords: Implement strong password policies and enforce regular password changes.
Network Segmentation: Segment the network to limit the impact of a potential attack.
Monitor for Suspicious Activity: Monitor logs and network traffic for any suspicious activity that could indicate an attack.

Additional Information

If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence

Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.

CREATE FREE ACCOUNT

CVE Details

Access comprehensive CVE information instantly

Real-time Tracking

Subscribe to CVEs and get instant updates

Exploit Analysis

Monitor related APT groups and threats

IOC Tracking

Analyze and track CVE-related IOCs

News

CVE-2024-5404 | ifm moneo appliance QVA200 up to 1.13 password recovery (VDE-2024-028)

vuldb.com2024-06-03

CVE-2024-5404 | ifm moneo appliance QVA200 up to 1.13 password recovery (VDE-2024-028) | A vulnerability was found in ifm moneo appliance QVA200, moneo appliance QHA210, moneo appliance QHA300 and moneo for Micosoft Windows up to 1.13 and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to weak password recovery. This vulnerability is handled as CVE-2024-5404. The attack may be launched

cve-2024-5404

domains

urls

cves

Social Media

CRAC Learning - Tech

@cracbot

2024-06-05

CVE-2024-5404 (CVSS:9.8, CRITICAL) is Awaiting Analysis. An unauthenticated remote attacker can change the admin password in a moneo appliance due to weak password recovery mech..https://t.co/BQ85IfBmUh #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre

Gray Hats

@the_yellow_fall

2024-06-04

CVE-2024-5404 (CVSS 9.8) affects the "Forgot Password" function of the #Moneo #IIoT platform. The flaw arises from a weak password recovery mechanism that allows an unauthorized remote attacker to change the admin password without authentication https://t.co/a4HvmPRkl3

Friday Security News

@fridaysecurity

2024-06-04

🗣 CVE-2024-5404: Critical Vulnerability Found in moneo IIoT Platform https://t.co/9a73fhmt1w #security #cybernews #cybersecurity #fridaysecurity #linkedin #twitter #telegram

CVE

@CVEnew

2024-06-03

CVE-2024-5404 An unauthenticated remote attacker can change the admin password in a moneo appliance due to weak password recovery mechanism. https://t.co/8f7Y8YCaAj

CVEFind.com

@CveFindCom

2024-06-03

[CVE-2024-5404: Score 9.8/CRITICAL] An unauthenticated remote attacker can change the admin password in a moneo appliance due to weak password recovery mechanism. https://t.co/YnSGThUgHC

Affected Software

No affected software found for this CVE

References

Reference	Link
[email protected]	https://cert.vde.com/en/advisories/VDE-2024-028

CWE Details

CWE ID	CWE Name	Description
CWE-640	Weak Password Recovery Mechanism for Forgotten Password	The software contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence