CVE-2024-2462
published 2024-06-11CVE-2024-2462: Allow attackers to intercept or falsify data exchanges between the client and the server
PriorityP425medium6.8CVSS 4.0
AVPACLATNPRNUIAVCLVINVAHSCLSINSAHEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
EPSS
0.22%
12.2th percentile
Allow attackers to intercept or falsify data exchanges between the client
and the server
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hitachi_energy | ecst | — | — |
| hitachi_energy | fox61x | < FOX61x R16B | FOX61x R16B |
| hitachi_energy | foxcst | < FOXCST_16.2.1 | FOXCST_16.2.1 |
| hitachi_energy | foxman-un | <= FOXMAN-UN R16B PC2 | — |
| hitachi_energy | foxman-un | — | — |
| hitachi_energy | foxman-un | — | — |
| hitachi_energy | unem | <= UNEM R16B PC2 | — |
| hitachi_energy | unem | — | — |
| hitachi_energy | unem | — | — |
| hitachi_energy | xmc20 | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-x9q2-9wf7-rmvq: Allow attackers to intercept or falsify data exchanges between the client
and the server
ghsa_unreviewed·2024-06-11
CVE-2024-2462 CWE-297 GHSA-x9q2-9wf7-rmvq: Allow attackers to intercept or falsify data exchanges between the client
and the server
Allow attackers to intercept or falsify data exchanges between the client
and the server
CISA ICS
Hitachi Energy UNEM/ECST
cisa_ics·2025-03-04·CVSS 6.8
[MEDIUM] Hitachi Energy UNEM/ECST
ICS Advisory
##
Hitachi Energy UNEM/ECST
Release DateMarch 04, 2025
Alert CodeICSA-25-063-05
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v4 6.8
- ATTENTION: Low Attack Complexity
- Vendor: Hitachi Energy
- Equipment: XMC20, ECST, UNEM
- Vulnerability: Improper Validation of Certificate with Host Mismatch
## 2. RISK EVALUATION
Successful exploitation of this vulnerability could allow attackers to intercept or falsify data exchanges between the client and the server.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
Hitachi Energy reports that the following products are affected:
- XMC20: Versions prior to R16B
- ECST: Versions prior to 16.2.1
- UNEM: Versions prior to
CISA ICS
Hitachi Energy FOX61x, FOXCST, and FOXMAN-UN Products
cisa_ics·2025-01-16·CVSS 6.8
[MEDIUM] Hitachi Energy FOX61x, FOXCST, and FOXMAN-UN Products
ICS Advisory
##
Hitachi Energy FOX61x, FOXCST, and FOXMAN-UN Products
Release DateJanuary 16, 2025
Alert CodeICSA-25-016-06
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v3 4.9
- ATTENTION: Low attack complexity
- Vendor: Hitachi Energy
- Equipment: FOX61x, FOXCST, FOXMAN-UN
- Vulnerability: Improper Validation of Certificate with Host Mismatch
## 2. RISK EVALUATION
Successful exploitation of this vulnerability could allow attackers to intercept or falsify data exchanges between the client and the server.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
Hitachi Energy reports that the following products are affected:
- FOX61x: Versions prior to R16B
- FOXCST: Versions
Suricata
ET MALWARE Backdoor.Win32.Sykipot Checkin
suricata·2011-12-09
CVE-2011-2462 ET MALWARE Backdoor.Win32.Sykipot Checkin
ET MALWARE Backdoor.Win32.Sykipot Checkin
Rule: alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Backdoor.Win32.Sykipot Checkin"; flow:established,to_server; http.uri; content:"allow_get.asp?name="; fast_pattern; content:"&hostname="; distance:0; http.header_names; to_lowercase; content:!"|0d 0a|referer|0d 0a|"; reference:cve,2011-2462; reference:url,blog.9bplus.com/analyzing-cve-2011-2462; reference:url,contagiodump.blogspot.com/2011/12/adobe-zero-day-cve-2011-2462.html; classtype:command-and-control; sid:2014006; rev:6; metadata:created_at 2011_12_09, cve CVE_2011_2462, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_04_27;)
Suricata
ET MALWARE Backdoor.Win32.Sykipot Put
suricata·2011-12-09
CVE-2011-2462 ET MALWARE Backdoor.Win32.Sykipot Put
ET MALWARE Backdoor.Win32.Sykipot Put
Rule: alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Backdoor.Win32.Sykipot Put"; flow:established,to_server; http.uri; content:"/kys_allow_put.asp?type="; content:"&hostname="; reference:cve,2011-2462; reference:url,blog.9bplus.com/analyzing-cve-2011-2462; reference:url,contagiodump.blogspot.com/2011/12/adobe-zero-day-cve-2011-2462.html; classtype:trojan-activity; sid:2014007; rev:4; metadata:created_at 2011_12_09, cve CVE_2011_2462, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_06;)
No public exploits indexed.
No writeups or analysis indexed.
2024-06-11
Published