{"vulnerability": "CVE-2024-11499", "sightings": [{"uuid": "30fe7cd5-dcb1-48fb-a2c7-1ef5595c69dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11499", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8644", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11499\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/R:A)\n\ud83d\udd39 Description: A vulnerability exists in RTU500 IEC 60870-4-104 controlled station functionality, that allows an authenticated and authorized attacker to perform a CMU restart. The vulnerability can be triggered if certificates are updated while in use on active connections.\n\nThe affected CMU will automatically recover itself if an attacker successfully exploits this vulnerability.\n\ud83d\udccf Published: 2025-03-25T12:30:42.034Z\n\ud83d\udccf Modified: 2025-03-25T13:11:58.573Z\n\ud83d\udd17 References:\n1. https://publisher.hitachienergy.com/preview?DocumentId=8DBD000207&languageCode=en&Preview=true", "creation_timestamp": "2025-03-25T13:23:50.000000Z"}, {"uuid": "0f7a6489-267a-4e3e-85d3-994fc312d38e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11499", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-093-01", "content": "", "creation_timestamp": "2025-04-03T10:00:00.000000Z"}, {"uuid": "7d3ee382-af7f-4d7e-8ebb-03f43b6a4a9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11499", "type": "seen", "source": "https://t.me/cvedetector/21097", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11499 - RTU500 IEC 60870-4-104 Certificate Update Restart Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-11499 \nPublished : March 25, 2025, 1:15 p.m. | 42\u00a0minutes ago \nDescription : A vulnerability exists in RTU500 IEC 60870-4-104 controlled station functionality, that allows an authenticated and authorized attacker to perform a CMU restart. The vulnerability can be triggered if certificates are updated while in use on active connections.  \n  \nThe affected CMU will automatically recover itself if an attacker successfully exploits this vulnerability. \nSeverity: 4.9 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T15:18:54.000000Z"}]}