Main Vulnerability Database Vulnerabilities #VU101185

#VU101185 Incorrect permission assignment for critical resource in UD-LT1 and UD-LT1/EX - CVE-2024-45841

Published: December 4, 2024 / Updated: December 5, 2024

Vulnerability identifier: #VU101185

Vulnerability risk: High

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber

CVE-ID: CVE-2024-45841

CWE-ID: CWE-732

Exploitation vector: Remote access

Exploit availability: The vulnerability is being exploited in the wild

Vulnerable software:
UD-LT1
UD-LT1/EX

Software vendor:
I-O DATA

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to incorrect permission assignment for critical resource. A remote user can access a specific file and obtain information containing credentials.

Note, the vulnerability is being actively exploited in the wild.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

#VU101185 Incorrect permission assignment for critical resource in UD-LT1 and UD-LT1/EX - CVE-2024-45841

Description

Remediation

External links

Please verify you're human