CVERadar

CVE-2024-8450

Critical Severity

SVRS

84/100

CVSSv3

9.8/10

EPSS

0.00244/1

CVE-2024-8450 is a critical security vulnerability found in PLANET Technology switch models. This flaw involves a hard-coded community string within the SNMPv1 service, granting unauthorized remote attackers read-write access. SOCRadar's Vulnerability Risk Score (SVRS) for this CVE is 84, indicating immediate action is required to mitigate the risk. This high score, exceeding the critical threshold of 80, reflects the severe implications of potential exploitation. The presence of a hard-coded string allows malicious actors to bypass normal security measures. Successful exploitation allows an attacker to read system configuration and potentially change it, leading to device compromise or network disruption. CVE-2024-8450 poses a significant threat due to the ease of exploitation and the potential for widespread impact on vulnerable PLANET Technology devices.

TAGS

In The Wild

VECTOR STRING

CVSS:3.1

AV:N

AC:L

PR:N

UI:N

S:U

C:H

I:H

A:H

PUBLICATION DATE2024-09-30

LAST MODIFIED2024-10-04

SOCRadar

AI Insight

Description

CVE-2024-8450 is a vulnerability in certain switch models from PLANET Technology. It allows unauthorized remote attackers to access the SNMPv1 service with read-write privileges due to a hard-coded community string. The CVSS score is 8.6, indicating a high severity level. However, the SOCRadar Vulnerability Risk Score (SVRS) is 50, suggesting a moderate risk.

Key Insights

Unauthorized Access: The vulnerability allows attackers to gain unauthorized access to the SNMPv1 service, potentially enabling them to modify or disrupt network configurations.
Remote Exploitation: The vulnerability can be exploited remotely, making it easier for attackers to target devices without physical access.
Privilege Escalation: The read-write privileges granted by the vulnerability could allow attackers to escalate their privileges and gain control of the affected device.

Mitigation Strategies

Update Firmware: Apply the latest firmware updates from PLANET Technology to patch the vulnerability.
Disable SNMPv1: If possible, disable the SNMPv1 service on affected devices to prevent exploitation.
Use Strong Passwords: Configure strong passwords for the SNMPv1 community string to make it more difficult for attackers to guess.
Network Segmentation: Implement network segmentation to limit the impact of a potential compromise.

Additional Information

Threat Actors/APT Groups: No specific threat actors or APT groups have been identified as actively exploiting this vulnerability.
Exploit Status: Active exploits have not been published.
CISA Warnings: The Cybersecurity and Infrastructure Security Agency (CISA) has not issued a warning for this vulnerability.
In the Wild: The vulnerability is not known to be actively exploited in the wild.

If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence

Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.

CREATE FREE ACCOUNT

CVE Details

Access comprehensive CVE information instantly

Real-time Tracking

Subscribe to CVEs and get instant updates

Exploit Analysis

Monitor related APT groups and threats

IOC Tracking

Analyze and track CVE-related IOCs

News

CVE-2024-8450 | PLANET Technology GS-4210-24P2S Hardware 3.0 SNMPv1 Service hard-coded credentials

vuldb.com2024-09-30

CVE-2024-8450 | PLANET Technology GS-4210-24P2S Hardware 3.0 SNMPv1 Service hard-coded credentials | A vulnerability classified as critical was found in PLANET Technology GS-4210-24PL4C Hardware 2.0 and GS-4210-24P2S Hardware 3.0. This vulnerability affects unknown code of the component SNMPv1 Service. The manipulation leads to hard-coded credentials. This vulnerability was named CVE-2024-8450. The

cve-2024-8450

domains

urls

cves

Social Media

CRAC Learning - Tech

@cracbot

2024-10-02

CVE-2024-8450 (CVSS:8.6, HIGH) is Undergoing Analysis. Certain switch models from PLANET Technology have a Hard-coded community string in the SNMPv1 service, allowing unauthor..https://t.co/uNJEUOPQxq #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre

CVE

@CVEnew

2024-09-30

CVE-2024-8450 Certain switch models from PLANET Technology have a Hard-coded community string in the SNMPv1 service, allowing unauthorized remote attackers to use this community stri… https://t.co/DrClNOw2Zf

Affected Software

No affected software found for this CVE

References

Reference	Link
[email protected]	https://www.twcert.org.tw/en/cp-139-8050-52f32-2.html
[email protected]	https://www.twcert.org.tw/tw/cp-132-8049-83fe4-1.html

CWE Details

CWE ID	CWE Name	Description
CWE-798	Use of Hard-coded Credentials	The software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence