cbcvebase.
CVE-2024-45273
published 2024-10-15

CVE-2024-45273: An unauthenticated local attacker can decrypt the devices config file and therefore compromise the device due to a weak implementation of the encryption used.

PriorityP342high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.09%
0.7th percentile
An unauthenticated local attacker can decrypt the devices config file and therefore compromise the device due to a weak implementation of the encryption used.

Affected

26 ranges· showing 25
VendorProductVersion rangeFixed in
helmholzmyrex24.virtual0.0.0 – <= 2.16.2
helmholzmyrex24_v20.0.0 – <= 2.16.2
helmholzmyrex24_v2_virtual_server< 2.16.32.16.3
helmholzrex1000.0.0 – <= 2.2.13
helmholzrex200_2500.0.0 – <= 8.2.0
helmholzrex3000.0.0 – <= 5.1.11
helmholzrex_100_firmware< 2.3.12.3.1
helmholzrex_200_firmware< 8.2.18.2.1
helmholzrex_250_firmware< 8.2.18.2.1
helmholzrex_300_firmware<= 5.1.11
mb_connect_linembconnect240.0.0 – 2.16.2
mb_connect_linembnet.mini0.0.0 – 2.2.13
mb_connect_linembnet_hw10.0.0 – 5.1.11
mb_connect_linembnet_mbnet.rokey0.0.0 – 8.2.0
mb_connect_linembspider0.0.0 – 2.6.5
mb_connect_linemymbconnect240.0.0 – 2.16.2
mbconnectlinembconnect24< 2.16.32.16.3
mbconnectlinembnet.mini_firmware< 2.3.12.3.1
mbconnectlinembnet.rokey_firmware< 8.2.18.2.1
mbconnectlinembnet_firmware< 8.2.18.2.1
mbconnectlinembnet_hw1_firmware<= 5.1.11
mbconnectlinembspider_mdh_905_firmware<= 2.6.5
mbconnectlinembspider_mdh_906_firmware<= 2.6.5
mbconnectlinembspider_mdh_915_firmware<= 2.6.5
mbconnectlinembspider_mdh_916_firmware<= 2.6.5
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.