{"vulnerability": "CVE-2024-41794", "sightings": [{"uuid": "0eac333a-1c35-4ae4-ba39-8e4e5d7ef32c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41794", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114302183086997696", "content": "", "creation_timestamp": "2025-04-08T11:48:22.164943Z"}, {"uuid": "8251ee93-065b-475c-9465-b59bccba280d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41794", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmcgsnmq422q", "content": "", "creation_timestamp": "2025-04-08T12:07:11.791640Z"}, {"uuid": "da71258f-9fd3-44fb-b144-8573feb0e3e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41794", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-100-06", "content": "", "creation_timestamp": "2025-04-10T10:00:00.000000Z"}, {"uuid": "c9025b6c-9b0e-4dfe-8c8e-663eb4cda88a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41794", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lmc6mamzfi2h", "content": "", "creation_timestamp": "2025-04-08T09:40:26.174430Z"}, {"uuid": "25810a8b-9012-4474-bb66-662af0c8f17f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41794", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10879", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-41794\n\ud83d\udd25 CVSS Score: 10 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). Affected devices contain hardcoded credentials for remote access to the device operating system with root privileges. This could allow unauthenticated remote attackers to gain full access to a device, if they are in possession of these credentials and if the ssh service is enabled (e.g., by exploitation of CVE-2024-41793).\n\ud83d\udccf Published: 2025-04-08T08:22:11.279Z\n\ud83d\udccf Modified: 2025-04-08T08:22:11.279Z\n\ud83d\udd17 References:\n1. https://cert-portal.siemens.com/productcert/html/ssa-187636.html", "creation_timestamp": "2025-04-08T08:46:42.000000Z"}, {"uuid": "aa430ade-660f-466b-ac0b-30239f30a07a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41794", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114308178260624821", "content": "", "creation_timestamp": "2025-04-09T13:13:00.980450Z"}, {"uuid": "ffda39e3-0d76-46e4-b654-03f9d0fa2f92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41794", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114308245161736730", "content": "", "creation_timestamp": "2025-04-09T13:30:01.617666Z"}, {"uuid": "aaa8aaae-430e-48bf-be01-56ce3585f146", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41794", "type": "seen", "source": "https://t.me/ics_cert/1108", "content": "\u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0645\u0648\u0644\u0641\u0647 Data Manager \u062f\u0631 \u0645\u06cc\u0627\u0646 \u0627\u0641\u0632\u0627\u0631 \u062f\u0633\u062a\u06af\u0627\u0647 \u0647\u0627\u06cc \u0686\u0646\u062f \u0645\u0646\u0638\u0648\u0631\u0647 SENTRON 7KT PAC1260 \u0632\u06cc\u0645\u0646\u0633 \u0628\u0631\u0627\u06cc \u0627\u0646\u062f\u0627\u0632\u0647 \u06af\u06cc\u0631\u06cc \u067e\u0627\u0631\u0627\u0645\u062a\u0631\u0647\u0627\u06cc \u0634\u0628\u06a9\u0647 \u0627\u0644\u06a9\u062a\u0631\u06cc\u06a9\u06cc \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u0639\u062a\u0628\u0627\u0631\u0646\u0627\u0645\u0647 \u0647\u0627\u06cc \u0631\u0645\u0632\u06af\u0630\u0627\u0631\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a. \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u067e\u0631\u0648\u062a\u06a9\u0644 SSH \u0628\u0647 \u062f\u0633\u062a\u06af\u0627\u0647 \u062f\u0633\u062a\u0631\u0633\u06cc \u063a\u06cc\u0631\u0645\u062c\u0627\u0632 \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u062f.\n\nBDU: 2025-04081\nCVE-2024-41794\n\n\u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062c\u0628\u0631\u0627\u0646\u06cc:\n- \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0628\u0647 \u06cc\u06a9 \u062f\u0633\u062a\u06af\u0627\u0647 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u067e\u0631\u0648\u062a\u06a9\u0644 SSH.\n- \u062a\u0642\u0633\u06cc\u0645 \u0628\u0646\u062f\u06cc \u0634\u0628\u06a9\u0647 \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u06cc\u06a9 \u062f\u0633\u062a\u06af\u0627\u0647 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 \u0627\u0632 \u0632\u06cc\u0631\u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062f\u06cc\u06af\u0631.\n- \u062a\u0644\u0627\u0634 \u0628\u0631\u0627\u06cc \u0631\u062f\u06cc\u0627\u0628\u06cc \u0628\u0631\u0627\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0628\u0647 \u062f\u0633\u062a\u06af\u0627\u0647 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u067e\u0631\u0648\u062a\u06a9\u0644 SSH \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u0639\u062a\u0628\u0627\u0631\u0646\u0627\u0645\u0647 \u0647\u0627\u06cc \u0631\u0645\u0632\u06af\u0630\u0627\u0631\u06cc \u0634\u062f\u0647 \u0633\u062e\u062a.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062e\u0635\u0648\u0635\u06cc \u0645\u062c\u0627\u0632\u06cc \u0628\u0631\u0627\u06cc \u0633\u0627\u0632\u0645\u0627\u0646\u062f\u0647\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (VPN).\n\n\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062a\u0648\u0635\u06cc\u0647 \u0647\u0627:\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-187636.pdf\n\ud83c\udfed \u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u0648\u0627\u062a\u0633 \u0622\u067e :\nhttps://chat.whatsapp.com/FpB620AWEeSKvd8U6cFh33\n\u06af\u0631\u0648\u0647 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ICSCERT_IR", "creation_timestamp": "2025-04-14T17:19:22.000000Z"}, {"uuid": "a5623720-d1da-4924-8324-eba3da250fd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41794", "type": "seen", "source": "https://t.me/ics_cert/1096", "content": "\u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0645\u0648\u0644\u0641\u0647 Data Manager \u062f\u0631 \u0645\u06cc\u0627\u0646 \u0627\u0641\u0632\u0627\u0631 \u062f\u0633\u062a\u06af\u0627\u0647 \u0647\u0627\u06cc \u0686\u0646\u062f \u0645\u0646\u0638\u0648\u0631\u0647 SENTRON 7KT PAC1260 \u0632\u06cc\u0645\u0646\u0633 \u0628\u0631\u0627\u06cc \u0627\u0646\u062f\u0627\u0632\u0647 \u06af\u06cc\u0631\u06cc \u067e\u0627\u0631\u0627\u0645\u062a\u0631\u0647\u0627\u06cc \u0634\u0628\u06a9\u0647 \u0627\u0644\u06a9\u062a\u0631\u06cc\u06a9\u06cc \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u0639\u062a\u0628\u0627\u0631\u0646\u0627\u0645\u0647 \u0647\u0627\u06cc \u0631\u0645\u0632\u06af\u0630\u0627\u0631\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a. \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u067e\u0631\u0648\u062a\u06a9\u0644 SSH \u0628\u0647 \u062f\u0633\u062a\u06af\u0627\u0647 \u062f\u0633\u062a\u0631\u0633\u06cc \u063a\u06cc\u0631\u0645\u062c\u0627\u0632 \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u062f.\n\nBDU: 2025-04081\nCVE-2024-41794\n\n\u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062c\u0628\u0631\u0627\u0646\u06cc:\n- \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0628\u0647 \u06cc\u06a9 \u062f\u0633\u062a\u06af\u0627\u0647 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u067e\u0631\u0648\u062a\u06a9\u0644 SSH.\n- \u062a\u0642\u0633\u06cc\u0645 \u0628\u0646\u062f\u06cc \u0634\u0628\u06a9\u0647 \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u06cc\u06a9 \u062f\u0633\u062a\u06af\u0627\u0647 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 \u0627\u0632 \u0632\u06cc\u0631\u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062f\u06cc\u06af\u0631.\n- \u062a\u0644\u0627\u0634 \u0628\u0631\u0627\u06cc \u0631\u062f\u06cc\u0627\u0628\u06cc \u0628\u0631\u0627\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0628\u0647 \u062f\u0633\u062a\u06af\u0627\u0647 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u067e\u0631\u0648\u062a\u06a9\u0644 SSH \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u0639\u062a\u0628\u0627\u0631\u0646\u0627\u0645\u0647 \u0647\u0627\u06cc \u0631\u0645\u0632\u06af\u0630\u0627\u0631\u06cc \u0634\u062f\u0647 \u0633\u062e\u062a.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062e\u0635\u0648\u0635\u06cc \u0645\u062c\u0627\u0632\u06cc \u0628\u0631\u0627\u06cc \u0633\u0627\u0632\u0645\u0627\u0646\u062f\u0647\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (VPN).\n\n\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062a\u0648\u0635\u06cc\u0647 \u0647\u0627:\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-187636.pdf\n\ud83c\udfed \u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u0648\u0627\u062a\u0633 \u0622\u067e :\nhttps://chat.whatsapp.com/FpB620AWEeSKvd8U6cFh33\n\u06af\u0631\u0648\u0647 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ICSCERT_IR", "creation_timestamp": "2025-04-09T20:20:13.000000Z"}]}