cvelistv5 - cve-2024-2658

CVE-2024-2658 (GCVE-0-2024-2658)

Vulnerability from cvelistv5

Published

2025-01-30 17:11

Modified

2025-01-30 19:22

Severity ?

8.5 (High) - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CWE

CWE-427 - Uncontrolled Search Path Element

Summary

A misconfiguration in lmadmin.exe of FlexNet Publisher versions prior to 2024 R1 (11.19.6.0) allows the OpenSSL configuration file to load from a non-existent directory. An unauthorized, locally authenticated user with low privileges can potentially create the directory and load a specially crafted openssl.conf file leading to the execution of a malicious DLL (Dynamic-Link Library) with elevated privileges.

References

URL

	Vendor	Product	Version
	Flexera	FlexNet Publisher	Version: 0 < 2024 R1 (11.19.6.0)

icsa-25-037-02

Vulnerability from csaf_cisa

Published

2025-02-06 07:00

Modified

2025-10-23 06:00

Summary

Schneider Electric EcoStruxure (Update C)

Notes

Legal Notice and Terms of Use

This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy & Use policy (https://www.cisa.gov/privacy-policy).

Risk evaluation

Successful exploitation of this vulnerability allows for local privilege escalation, which could lead to the execution of a malicious DLL.

Critical infrastructure sectors

Commercial Facilities, Energy, Food and Agriculture, Government Services and Facilities, Transportation Systems, Water and Wastewater Systems

Countries/areas deployed

Worldwide

Company headquarters location

France

Recommended Practices

CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:

Recommended Practices

Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.

Recommended Practices

Locate control system networks and remote devices behind firewalls and isolating them from business networks.

Recommended Practices

When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as the connected devices.CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.

Recommended Practices

Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.

Recommended Practices

No known public exploitation specifically targeting this vulnerability has been reported to CISA at this time. This vulnerability is not exploitable remotely.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Xavier DANEST"
        ],
        "organization": "Trend Micro Zero Day Initiative",
        "summary": "reporting this vulnerability to Revenera PSIRT"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.cisa.gov/news-events/news/traffic-light-protocol-tlp-definitions-and-usage"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy \u0026 Use policy (https://www.cisa.gov/privacy-policy).",
        "title": "Legal Notice and Terms of Use"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of this vulnerability allows for local privilege escalation, which could lead to the execution of a malicious DLL.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Commercial Facilities, Energy, Food and Agriculture, Government Services and Facilities, Transportation Systems, Water and Wastewater Systems",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "France",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as the connected devices.CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "No known public exploitation specifically targeting this vulnerability has been reported to CISA at this time. This vulnerability is not exploitable remotely.",
        "title": "Recommended Practices"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "central@cisa.dhs.gov",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-25-037-02 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2025/icsa-25-037-02.json"
      },
      {
        "category": "self",
        "summary": "ICSA Advisory ICSA-25-037-02 - Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-037-02"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/topics/industrial-control-systems"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/ics-alerts/ics-alert-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/news/targeted-cyber-intrusion-detection-and-mitigation-strategies-update-b"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/secure-our-world/teach-employees-avoid-phishing"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/news/avoiding-social-engineering-and-phishing-attacks"
      }
    ],
    "title": "Schneider Electric EcoStruxure (Update C)",
    "tracking": {
      "current_release_date": "2025-10-23T06:00:00.000000Z",
      "generator": {
        "date": "2025-10-23T16:37:38.725846Z",
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-25-037-02",
      "initial_release_date": "2025-02-06T07:00:00.000000Z",
      "revision_history": [
        {
          "date": "2025-02-06T07:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "Initial Publication"
        },
        {
          "date": "2025-03-06T07:00:00.000000Z",
          "legacy_version": "Update A",
          "number": "2",
          "summary": "Update A - A remediation is available for EcoStruxure Process Expert. The EcoStruxure Process Expert for AVEVA System Platform offer is added to the Affected Products."
        },
        {
          "date": "2025-07-15T06:00:00.000000Z",
          "legacy_version": "Update B",
          "number": "3",
          "summary": "Update B - Pro-face BLUE is added to the \"Affected Products\" section. Remediations are now available for EcoStruxure Control Expert, EcoStruxure Operator Terminal Expert and Pro-face BLUE offers. Updated the link to the fix of EcoStruxure Control Expert Asset Link offer."
        },
        {
          "date": "2025-10-23T06:00:00.000000Z",
          "legacy_version": "Update C",
          "number": "4",
          "summary": "Update C - Remediations are now available for Zelio Soft 2 and EcoStruxure OPC UA Server Expert offers."
        }
      ],
      "status": "final",
      "version": "4"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cV16.2",
                "product": {
                  "name": "Schneider Electric EcoStruxure Control Expert: \u003cV16.2",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "EcoStruxure Control Expert"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c2023_V4.8.0.5715",
                "product": {
                  "name": "Schneider Electric EcoStruxure Process Expert: \u003c2023_V4.8.0.5715",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "EcoStruxure Process Expert"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "Schneider Electric EcoStruxure Process Expert for AVEVA System Platform: vers:all/*",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "EcoStruxure Process Expert for AVEVA System Platform"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cSV2.01_SP3",
                "product": {
                  "name": "Schneider Electric EcoStruxure OPC UA Server Expert: \u003cSV2.01_SP3",
                  "product_id": "CSAFPID-0004"
                }
              }
            ],
            "category": "product_name",
            "name": "EcoStruxure OPC UA Server Expert"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cV4.0_SP1",
                "product": {
                  "name": "Schneider Electric EcoStruxure Control Expert Asset Link: \u003cV4.0_SP1",
                  "product_id": "CSAFPID-0005"
                }
              }
            ],
            "category": "product_name",
            "name": "EcoStruxure Control Expert Asset Link"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "Schneider Electric EcoStruxure Machine SCADA Expert Asset Link: vers:all/*",
                  "product_id": "CSAFPID-0006"
                }
              }
            ],
            "category": "product_name",
            "name": "EcoStruxure Machine SCADA Expert Asset Link"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cV7.0.18",
                "product": {
                  "name": "Schneider Electric EcoStruxure Architecture Builder: \u003cV7.0.18",
                  "product_id": "CSAFPID-0007"
                }
              }
            ],
            "category": "product_name",
            "name": "EcoStruxure Architecture Builder"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cV4.0",
                "product": {
                  "name": "Schneider Electric EcoStruxure Operator Terminal Expert: \u003cV4.0",
                  "product_id": "CSAFPID-0008"
                }
              }
            ],
            "category": "product_name",
            "name": "EcoStruxure Operator Terminal Expert"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cV4.0",
                "product": {
                  "name": "Schneider Electric Pro-face BLUE: \u003cV4.0",
                  "product_id": "CSAFPID-0009"
                }
              }
            ],
            "category": "product_name",
            "name": "Pro-face BLUE"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cV6.3_SP1_HF1",
                "product": {
                  "name": "Schneider Electric Vijeo Designer: \u003cV6.3_SP1_HF1",
                  "product_id": "CSAFPID-0010"
                }
              }
            ],
            "category": "product_name",
            "name": "Vijeo Designer"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "Schneider Electric EcoStruxure Machine Expert including EcoStruxure Machine Expert Safety: vers:all/*",
                  "product_id": "CSAFPID-0011"
                }
              }
            ],
            "category": "product_name",
            "name": "EcoStruxure Machine Expert including EcoStruxure Machine Expert Safety"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "Schneider Electric EcoStruxure Machine Expert Twin: vers:all/*",
                  "product_id": "CSAFPID-0012"
                }
              }
            ],
            "category": "product_name",
            "name": "EcoStruxure Machine Expert Twin"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cV5.4.3",
                "product": {
                  "name": "Schneider Electric Zelio Soft 2: \u003cV5.4.3",
                  "product_id": "CSAFPID-0013"
                }
              }
            ],
            "category": "product_name",
            "name": "Zelio Soft 2"
          }
        ],
        "category": "vendor",
        "name": "Schneider Electric"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-2658",
      "cwe": {
        "id": "CWE-427",
        "name": "Uncontrolled Search Path Element"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A misconfiguration in lmadmin.exe of FlexNet Publisher versions prior to 2024 R1 (11.19.6.0) allows the OpenSSL configuration file to load from a non-existent directory. An unauthorized, locally authenticated user with low privileges can potentially create the directory and load a specially crafted openssl.conf file leading to the execution of a malicious DLL (Dynamic-Link Library) with elevated privileges.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005",
          "CSAFPID-0006",
          "CSAFPID-0007",
          "CSAFPID-0008",
          "CSAFPID-0009",
          "CSAFPID-0010",
          "CSAFPID-0011",
          "CSAFPID-0012",
          "CSAFPID-0013"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "www.cve.org",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-2658"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Schneider Electric recommends that users of the following products follow these remediation actions:",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "EcoStruxure Control Expert: Versions prior to V16.2. Version V16.2 of EcoStruxure Control Expert includes a fix for this vulnerability and is available for download here. Reboot the computer after installation is completed.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.se.com/ww/en/product-range/548-ecostruxure-control-expert-unity-pro/"
        },
        {
          "category": "vendor_fix",
          "details": "EcoStruxure Architecture Builder: Versions prior to V7.0.18. Version V7.0.18 of EcoStruxure Architecture Builder includes a fix for this vulnerability and is available for download here.",
          "product_ids": [
            "CSAFPID-0007"
          ],
          "url": "https://www.se.com/ww/en/product-range/195445393-ecostruxure-architecture-builder/-software-and-firmware"
        },
        {
          "category": "vendor_fix",
          "details": "EcoStruxure Control Expert Asset Link: Versions prior to V4.0 SP1. Version V4.0 SP1 of EcoStruxure Control Expert Asset Link includes a fix for this vulnerability and is available for download here.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0005"
          ],
          "url": "https://www.se.com/ww/en/download/document/ECALV40SP1/"
        },
        {
          "category": "vendor_fix",
          "details": "Vijeo Designer: Version prior to V6.3 SP1 HF1. Version V6.3 SP1 HF1 of Vijeo Designer includes a fix for this vulnerability. Please contact your Schneider Electric Customer Support to get Vijeo Designer version V6.3 SP1 HF1 software.",
          "product_ids": [
            "CSAFPID-0010"
          ],
          "url": "https://www.se.com/ww/en/work/support/country-selector/contact-us.jsp"
        },
        {
          "category": "vendor_fix",
          "details": "EcoStruxure Process Expert: Versions 2023 prior to v4.8.0.5115. Version 2023 (v4.8.0.5715) of EcoStruxure Process Expert includes a fix for this vulnerability and is available for download here. Uninstall previous version 2023 (v4.8.0.5115) before installing Version 2023 (v4.8.0.5715). Version string can be found on the engineering server console.",
          "product_ids": [
            "CSAFPID-0002"
          ],
          "url": "https://www.se.com/ww/en/product-range/65406-ecostruxure-process-expert/?subNodeId=12367182569en_WW#overview"
        },
        {
          "category": "vendor_fix",
          "details": "EcoStruxure Process Expert: Versions prior to 2023. Version 2023 (v4.8.0.5715) of EcoStruxure Process Expert includes a fix for this vulnerability and is available for download here.",
          "product_ids": [
            "CSAFPID-0002"
          ],
          "url": "https://www.se.com/ww/en/product-country-selector/?pageType=product-range\u0026sourceId=65406"
        },
        {
          "category": "vendor_fix",
          "details": "EcoStruxure Operator Terminal Expert: Versions prior to v4.0. Version 4.0 of EcoStruxure Operator Terminal Expert includes a fix for this vulnerability and is available for download here.",
          "product_ids": [
            "CSAFPID-0008"
          ],
          "url": "https://www.se.com/ww/en/product-range/62621-ecostruxure-operator-terminal-expert/#software-and-firmware"
        },
        {
          "category": "vendor_fix",
          "details": "Pro-face BLUE: Versions prior to v4.0. Version 4.0 of Pro-face BLUE includes a fix for this vulnerability and is available for download here.",
          "product_ids": [
            "CSAFPID-0009"
          ],
          "url": "https://www.proface.com/en/hmi_design_studio/blue/page/installer"
        },
        {
          "category": "vendor_fix",
          "details": "Zelio Soft 2: Version 5.4.3 of Zelio Soft 2 includes a fix for this vulnerability and is available for download here.",
          "product_ids": [
            "CSAFPID-0013"
          ],
          "url": "https://www.se.com/ww/en/product-range/542-zelio-soft/#software-and-firmware"
        },
        {
          "category": "vendor_fix",
          "details": "EcoStruxure OPC UA Server Expert: Version SV2.01SP3 of EcoStruxure OPC UA Server Expert includes a fix for this vulnerability and is available for download here.",
          "product_ids": [
            "CSAFPID-0004"
          ],
          "url": "https://www.se.com/ww/en/product-range/66388-ecostruxure-opc-ua-server-expert/#software-and-firmware"
        },
        {
          "category": "mitigation",
          "details": "Customers should use appropriate patching methodologies when applying these patches to their systems. We strongly recommend the use of back-ups and evaluating the impact of these patches in a Test and Development environment or on an offline infrastructure. Contact Schneider Electric\u0027s Customer Care Center if you need assistance removing a patch.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013"
          ],
          "url": "https://www.se.com/us/en/work/support/"
        },
        {
          "category": "mitigation",
          "details": "If customers choose not to apply the remediation provided above, they should immediately apply the followingmitigations to reduce the risk of exploit:",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013"
          ]
        },
        {
          "category": "mitigation",
          "details": "Schneider Electric is establishing a remediation plan for all future versions of the affected products that will include a fix for this vulnerability.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "EcoStruxure Process Expert for AVEVA System Platform: All versions",
          "product_ids": [
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "EcoStruxure Machine SCADA Expert - Asset Link: All versions",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "EcoStruxure Machine Expert including EcoStruxure Machine Expert Safety: All versions",
          "product_ids": [
            "CSAFPID-0011"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "EcoStruxure Machine Expert Twin: All versions",
          "product_ids": [
            "CSAFPID-0012"
          ]
        },
        {
          "category": "mitigation",
          "details": "The document will be updated when the remediation is available. Until then, customers should immediately apply the following mitigations to reduce the risk of exploit:",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013"
          ]
        },
        {
          "category": "mitigation",
          "details": "Limit authenticated user access to the workstation and implement existing User Account Control practices.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013"
          ]
        },
        {
          "category": "mitigation",
          "details": "Follow workstation, network and site-hardening guidelines in the Recommended Cybersecurity Best Practices guide available for download here.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013"
          ],
          "url": "https://www.se.com/ww/en/download/document/7EN52-0390/?ssr=true"
        },
        {
          "category": "mitigation",
          "details": "To ensure you are informed of all updates, including details on affected products and remediation plans, subscribe to Schneider Electric\u0027s security notification service here.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013"
          ],
          "url": "https://www.se.com/en/work/support/cybersecurity/security-notifications.jsp"
        },
        {
          "category": "mitigation",
          "details": "General Security Recommendations",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013"
          ]
        },
        {
          "category": "mitigation",
          "details": "Schneider Electric strongly recommends the following industry cybersecurity best practices:",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013"
          ]
        },
        {
          "category": "mitigation",
          "details": "Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013"
          ]
        },
        {
          "category": "mitigation",
          "details": "Install physical controls so no unauthorized personnel can access your industrial control and safety systems, components, peripheral equipment, and networks.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013"
          ]
        },
        {
          "category": "mitigation",
          "details": "Place all controllers in locked cabinets and never leave them in the \"Program\" mode.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013"
          ]
        },
        {
          "category": "mitigation",
          "details": "Never connect programming software to any network other than the network intended for that device.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013"
          ]
        },
        {
          "category": "mitigation",
          "details": "Scan all methods of mobile data exchange with the isolated network such as CDs, USB drives, etc. before use in the terminals or any node connected to these networks.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013"
          ]
        },
        {
          "category": "mitigation",
          "details": "Never allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013"
          ]
        },
        {
          "category": "mitigation",
          "details": "Minimize network exposure for all control system devices and systems and ensure that they are not accessible from the Internet.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013"
          ]
        },
        {
          "category": "mitigation",
          "details": "When remote access is required, use secure methods, such as Virtual Private Networks (VPNs). Recognize that VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand that VPNs are only as secure as the connected devices.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013"
          ]
        },
        {
          "category": "mitigation",
          "details": "For more information refer to the Schneider Electric Recommended Cybersecurity Best Practices document.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013"
          ],
          "url": "https://www.se.com/us/en/download/document/7EN52-0390/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011",
            "CSAFPID-0012",
            "CSAFPID-0013"
          ]
        }
      ]
    }
  ]
}

fkie_cve-2024-2658

Vulnerability from fkie_nvd

Published

2025-01-30 17:15

Modified

2025-01-30 17:15

Severity ?

8.5 (High) - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Summary

References

	URL	Tags
	PSIRT-CNA@flexerasoftware.com	https://community.flexera.com/s/article/cve-2024-2658-flexnet-publisher-potential-local-privilege-escalation-issue
	PSIRT-CNA@flexerasoftware.com	https://www.zerodayinitiative.com/advisories/ZDI-24-359/

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A misconfiguration in lmadmin.exe of FlexNet Publisher versions prior to\u00a02024 R1 (11.19.6.0) allows the OpenSSL configuration file to load from a non-existent directory. An unauthorized, locally authenticated user with low privileges can potentially create the directory and load a specially crafted openssl.conf file leading to the execution of a malicious DLL (Dynamic-Link Library) with elevated privileges."
    },
    {
      "lang": "es",
      "value": "Una configuraci\u00f3n incorrecta en lmadmin.exe de las versiones de FlexNet Publisher anteriores a 2024 R1 (11.19.6.0) permite que el archivo de configuraci\u00f3n de OpenSSL se cargue desde un directorio inexistente. Un usuario no autorizado, autenticado localmente y con privilegios bajos puede crear el directorio y cargar un archivo openssl.conf manipulado especial, lo que lleva a la ejecuci\u00f3n de una DLL maliciosa (Dynamic-Link librer\u00eda) con privilegios elevados."
    }
  ],
  "id": "CVE-2024-2658",
  "lastModified": "2025-01-30T17:15:17.670",
  "metrics": {
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "LOCAL",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 8.5,
          "baseSeverity": "HIGH",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "LOW",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "HIGH",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "PSIRT-CNA@flexerasoftware.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-01-30T17:15:17.670",
  "references": [
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://community.flexera.com/s/article/cve-2024-2658-flexnet-publisher-potential-local-privilege-escalation-issue"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-359/"
    }
  ],
  "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-427"
        }
      ],
      "source": "PSIRT-CNA@flexerasoftware.com",
      "type": "Secondary"
    }
  ]
}

WID-SEC-W-2024-1499

Vulnerability from csaf_certbund

Published

2024-07-01 22:00

Modified

2024-07-01 22:00

Summary

Dell NetWorker: Schwachstelle ermöglicht Privilegieneskalation

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Dell NetWorker stellt zentralisiert Backup- und Recovery-Dienste bereit.

Angriff

Ein lokaler Angreifer kann eine Schwachstelle in Dell NetWorker ausnutzen, um seine Privilegien zu erhöhen.

Betroffene Betriebssysteme

- Sonstiges - UNIX - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Dell NetWorker stellt zentralisiert Backup- und Recovery-Dienste bereit.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann eine Schwachstelle in Dell NetWorker ausnutzen, um seine Privilegien zu erh\u00f6hen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-1499 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1499.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-1499 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1499"
      },
      {
        "category": "external",
        "summary": "Dell Security Update vom 2024-07-01",
        "url": "https://www.dell.com/support/kbdoc/de-de/000226576/dsa-2024-007-security-update-for-dell-networker-license-server-vulnerabilities"
      }
    ],
    "source_lang": "en-US",
    "title": "Dell NetWorker: Schwachstelle erm\u00f6glicht Privilegieneskalation",
    "tracking": {
      "current_release_date": "2024-07-01T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:10:48.130+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2024-1499",
      "initial_release_date": "2024-07-01T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-07-01T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "EMC License Server \u003c3.7.8",
                "product": {
                  "name": "Dell NetWorker EMC License Server \u003c3.7.8",
                  "product_id": "T035755"
                }
              }
            ],
            "category": "product_name",
            "name": "NetWorker"
          }
        ],
        "category": "vendor",
        "name": "Dell"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-2658",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Dell NetWorker. Diese Fehler betrifft den FlexNet Publisher aufgrund eines unkontrollierten Suchpfad-Elements in lmadmin.exe, das zur Ausf\u00fchrung einer b\u00f6sartigen Dynamic Link Library (DLL) f\u00fchren kann. Ein lokaler Angreifer k\u00f6nnte diese Sicherheitsl\u00fccke ausnutzen, um erweiterte Rechte zu erlangen."
        }
      ],
      "release_date": "2024-07-01T22:00:00.000+00:00",
      "title": "CVE-2024-2658"
    }
  ]
}

wid-sec-w-2024-1499

Vulnerability from csaf_certbund

Published

2024-07-01 22:00

Modified

2024-07-01 22:00

Summary

Dell NetWorker: Schwachstelle ermöglicht Privilegieneskalation

Notes

Produktbeschreibung

Dell NetWorker stellt zentralisiert Backup- und Recovery-Dienste bereit.

Angriff

Ein lokaler Angreifer kann eine Schwachstelle in Dell NetWorker ausnutzen, um seine Privilegien zu erhöhen.

Betroffene Betriebssysteme

- Sonstiges - UNIX - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Dell NetWorker stellt zentralisiert Backup- und Recovery-Dienste bereit.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann eine Schwachstelle in Dell NetWorker ausnutzen, um seine Privilegien zu erh\u00f6hen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-1499 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1499.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-1499 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1499"
      },
      {
        "category": "external",
        "summary": "Dell Security Update vom 2024-07-01",
        "url": "https://www.dell.com/support/kbdoc/de-de/000226576/dsa-2024-007-security-update-for-dell-networker-license-server-vulnerabilities"
      }
    ],
    "source_lang": "en-US",
    "title": "Dell NetWorker: Schwachstelle erm\u00f6glicht Privilegieneskalation",
    "tracking": {
      "current_release_date": "2024-07-01T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:10:48.130+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2024-1499",
      "initial_release_date": "2024-07-01T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-07-01T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "EMC License Server \u003c3.7.8",
                "product": {
                  "name": "Dell NetWorker EMC License Server \u003c3.7.8",
                  "product_id": "T035755"
                }
              }
            ],
            "category": "product_name",
            "name": "NetWorker"
          }
        ],
        "category": "vendor",
        "name": "Dell"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-2658",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Dell NetWorker. Diese Fehler betrifft den FlexNet Publisher aufgrund eines unkontrollierten Suchpfad-Elements in lmadmin.exe, das zur Ausf\u00fchrung einer b\u00f6sartigen Dynamic Link Library (DLL) f\u00fchren kann. Ein lokaler Angreifer k\u00f6nnte diese Sicherheitsl\u00fccke ausnutzen, um erweiterte Rechte zu erlangen."
        }
      ],
      "release_date": "2024-07-01T22:00:00.000+00:00",
      "title": "CVE-2024-2658"
    }
  ]
}

gsd-2024-2658

Vulnerability from gsd

Modified

2024-04-02 05:02

Details

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Aliases

CVE-2024-2658

JSON

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-2658"
      ],
      "id": "GSD-2024-2658",
      "modified": "2024-04-02T05:02:53.200364Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2024-2658",
        "STATE": "RESERVED"
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
          }
        ]
      }
    }
  }
}

CERTFR-2025-AVI-0034

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Schneider Electric. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Schneider Electric	N/A	BMXNOE0110 toutes versions pour la vulnérabilité CVE-2024-12142
Schneider Electric	N/A	Modicon M580/Quantum communication modules BMXCRA BMXCRA31200 toutes versions pour la vulnérabilité CVE-2021-29999
Schneider Electric	N/A	EcoStruxureTM Control Expert Asset Link versions antérieures à 4.0 SP1 pour la vulnérabilité CVE-2024-2658
Schneider Electric	N/A	Modicon Quantum communication modules 140CRA 140CRA31200 toutes versions pour la vulnérabilité CVE-2021-29999
Schneider Electric	N/A	Modicon M340 processors (part numbers BMXP34*) toutes versions pour la vulnérabilité CVE-2024-12142
Schneider Electric	N/A	EcoStruxureTM Machine SCADA Expert Asset Link toutes versions pour la vulnérabilité CVE-2024-2658
Schneider Electric	N/A	Pro-face GP-Pro EX toutes versions pour la vulnérabilité CVE-2024-12399
Schneider Electric	N/A	BMENOR2200H toutes versions pour la vulnérabilité CVE-2024-11425
Schneider Electric	N/A	EcoStruxure OPC UA Server Expert toutes versions pour la vulnérabilité CVE-2024-2658
Schneider Electric	N/A	EcoStruxureTM Process Expert toutes versions pour la vulnérabilité CVE-2024-2658
Schneider Electric	N/A	Pro-face Remote HMI toutes versions pour la vulnérabilité CVE-2024-12399
Schneider Electric	N/A	EcoStruxureTM Control Expert versions antérieures à 16.1
Schneider Electric	N/A	EcoStruxure Machine Expert including EcoStruxureTM Machine Expert Safety toutes versions pour la vulnérabilité CVE-2024-2658
Schneider Electric	N/A	EVLink Pro AC versions antérieures à 1.3.10
Schneider Electric	N/A	Modicon M580 CPU (part numbers BMEP* et BMEH*, excluding M580 CPU Safety) versions antérieures à 4.30 pour la vulnérabilité CVE-2024-11425
Schneider Electric	N/A	EcoStruxure Machine Expert Twin toutes versions pour la vulnérabilité CVE-2024-2658
Schneider Electric	N/A	BMXNOR0200H versions antérieures à 1.70IR26
Schneider Electric	N/A	EcoStruxure Operator Terminal Expert toutes versions pour la vulnérabilité CVE-2024-2658
Schneider Electric	N/A	Modicon M580/Quantum communication modules BMXCRA BMXCRA31210 toutes versions pour la vulnérabilité CVE-2021-29999
Schneider Electric	N/A	BMXNOE0100 toutes versions pour la vulnérabilité CVE-2024-12142
Schneider Electric	N/A	Vijeo Designer toutes versions pour la vulnérabilité CVE-2024-2658
Schneider Electric	N/A	Modicon M580 CPU Safety (part numbers BMEP58S et BMEH58S) versions antérieures à 4.21 pour la vulnérabilité CVE-2024-11425
Schneider Electric	N/A	Zelio Soft 2 toutes versions pour la vulnérabilité CVE-2024-2658
Schneider Electric	N/A	Modicon M580 communication modules BMENOC BMENOC0321 versions antérieures à 1.10
Schneider Electric	N/A	EcoStruxure Architecture Builder versions antérieures à 7.0.18
Schneider Electric	N/A	Modicon Quantum communication modules 140CRA 140CRA31908 toutes versions pour la vulnérabilité CVE-2021-29999
Schneider Electric	N/A	Modicon M580 communication modules BMECRA BMECRA31210 toutes versions pour la vulnérabilité CVE-2021-29999

References

Title

Publication Time

ghsa-2795-pjw4-5495

Vulnerability from github

Published

2025-01-30 18:32

Modified

2025-01-30 18:32

Severity ?

8.5 (High) - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-2658"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-427"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-30T17:15:17Z",
    "severity": "HIGH"
  },
  "details": "A misconfiguration in lmadmin.exe of FlexNet Publisher versions prior to\u00a02024 R1 (11.19.6.0) allows the OpenSSL configuration file to load from a non-existent directory. An unauthorized, locally authenticated user with low privileges can potentially create the directory and load a specially crafted openssl.conf file leading to the execution of a malicious DLL (Dynamic-Link Library) with elevated privileges.",
  "id": "GHSA-2795-pjw4-5495",
  "modified": "2025-01-30T18:32:08Z",
  "published": "2025-01-30T18:32:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2658"
    },
    {
      "type": "WEB",
      "url": "https://community.flexera.com/s/article/cve-2024-2658-flexnet-publisher-potential-local-privilege-escalation-issue"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-359"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2024-2658 (GCVE-0-2024-2658)

Vulnerability from cvelistv5

icsa-25-037-02

Vulnerability from csaf_cisa

fkie_cve-2024-2658

Vulnerability from fkie_nvd

WID-SEC-W-2024-1499

Vulnerability from csaf_certbund

wid-sec-w-2024-1499

Vulnerability from csaf_certbund

gsd-2024-2658

Vulnerability from gsd

CERTFR-2025-AVI-0034

Vulnerability from certfr_avis

Solutions

ghsa-2795-pjw4-5495

Vulnerability from github

Tags

Sightings

Nomenclature