VDE-2024-031
Vulnerability from csaf_helmholzgmbhcokg - Published: 2025-03-18 11:00 - Updated: 2025-05-14 13:00Summary
Helmholz: Vulnerabilities in myREX24 V2/myREX24.virtual
Notes
Summary: The data24 service that is bundled with every installation of myREX24 V2/myREX24.virtual has two
serious flaws in core components. These combined can lead to a complete loss of confidentiality, integrity
and availability.
Impact: CVE-2024-23943: A total loss of confidentiality and integrity, for individual devices or the whole service, is
possible.
CVE-2024-23942: An attacker in possession of the device's configuration file can impersonate the real
device. This also allows to prevent the real device from connecting successful.
Mitigation: CVE-2024-23942: If the device's serial number is known to myREX24 V2/myREX24.virtual before the
downloadable configuration is created, that configuration will be encrypted allowing only the correct device to
decrypt it.
Remediation: Update to latest version: 2.16.2
CVE-2024-23943: This fix does not apply to REX 200/REX 250 devices with firmware 8.0.0 - 8.1.3. If you are using a device with this firmware, please update it to >= 8.2.0.
General Recommendation: Always use the latest available firmware version on all devices.
An unauthenticated remote attacker can gain access to the cloud API due to a lack of authentication for a critical function in the affected devices. A DoS is not possible.
9.1 (Critical)
Vendor Fix
Update to latest version: 2.16.2
CVE-2024-23943: This fix does not apply to REX 200/REX 250 devices with firmware 8.0.0 - 8.1.3. If you are using a device with this firmware, please update it to >= 8.2.0.
A local user may find a configuration file on the client workstation with unencrypted sensitive data. This allows an attacker to impersonate the device or prevent the device from accessing the cloud portal.
5.5 (Medium)
Mitigation
CVE-2024-23942: If the device's serial number is known to myREX24 V2/myREX24.virtual before the
downloadable configuration is created, that configuration will be encrypted allowing only the correct device to
decrypt it.
References
Acknowledgments
CERT@VDE
certvde.com
MB Connect Line GmbH
mbconnectline.com/
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
},
{
"organization": "MB Connect Line GmbH",
"summary": "reporting",
"urls": [
"https://mbconnectline.com/"
]
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "The data24 service that is bundled with every installation of myREX24 V2/myREX24.virtual has two\nserious flaws in core components. These combined can lead to a complete loss of confidentiality, integrity\nand availability.",
"title": "Summary"
},
{
"category": "description",
"text": "CVE-2024-23943: A total loss of confidentiality and integrity, for individual devices or the whole service, is\npossible.\n\nCVE-2024-23942: An attacker in possession of the device\u0027s configuration file can impersonate the real\ndevice. This also allows to prevent the real device from connecting successful.",
"title": "Impact"
},
{
"category": "description",
"text": "CVE-2024-23942: If the device\u0027s serial number is known to myREX24 V2/myREX24.virtual before the\ndownloadable configuration is created, that configuration will be encrypted allowing only the correct device to\ndecrypt it.",
"title": "Mitigation"
},
{
"category": "description",
"text": "Update to latest version: 2.16.2\n\nCVE-2024-23943: This fix does not apply to REX 200/REX 250 devices with firmware 8.0.0 - 8.1.3. If you are using a device with this firmware, please update it to \u003e= 8.2.0.",
"title": "Remediation"
},
{
"category": "general",
"text": "Always use the latest available firmware version on all devices.",
"title": "General Recommendation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@helmholz.de",
"name": "Helmholz GmbH \u0026 Co. KG",
"namespace": "https://www.helmholz.de"
},
"references": [
{
"category": "external",
"summary": "Helmholz GmbH \u0026 Co. KG Advisories",
"url": "https://www.helmholz.de/en/service-support/service/security-psirt/"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories for Helmholz GmbH \u0026 Co. KG",
"url": "https://certvde.com/en/advisories/vendor/helmholz"
},
{
"category": "self",
"summary": "VDE-2024-031: Helmholz: Vulnerabilities in myREX24 V2/myREX24.virtual - HTML",
"url": "https://certvde.com/en/advisories/VDE-2024-031"
},
{
"category": "self",
"summary": "VDE-2024-031: Helmholz: Vulnerabilities in myREX24 V2/myREX24.virtual - CSAF",
"url": "https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2024-031.json"
}
],
"title": "Helmholz: Vulnerabilities in myREX24 V2/myREX24.virtual",
"tracking": {
"aliases": [
"VDE-2024-031"
],
"current_release_date": "2025-05-14T13:00:14.000Z",
"generator": {
"date": "2025-03-18T13:56:49.218Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.18"
}
},
"id": "VDE-2024-031",
"initial_release_date": "2025-03-18T11:00:00.000Z",
"revision_history": [
{
"date": "2025-03-18T11:00:00.000Z",
"number": "1",
"summary": "Initial revision."
},
{
"date": "2025-03-18T14:00:00.000Z",
"number": "2",
"summary": "Update: Changed Product name"
},
{
"date": "2025-04-10T13:00:00.000Z",
"number": "3",
"summary": "Update: fixed CSAF-Reference URL, changed url in credits, removed whitespace after version operator"
},
{
"date": "2025-05-14T13:00:14.000Z",
"number": "4",
"summary": "Fix: added distribution"
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "myREX24 V2",
"product": {
"name": "myREX24 V2",
"product_id": "CSAFPID-11001"
}
},
{
"category": "product_name",
"name": "myREX24.virtual",
"product": {
"name": "myREX24.virtual",
"product_id": "CSAFPID-11002"
}
}
],
"category": "product_family",
"name": "myREX24"
},
{
"branches": [
{
"category": "product_name",
"name": "REX 200",
"product": {
"name": "REX 200",
"product_id": "CSAFPID-11003"
}
},
{
"category": "product_name",
"name": "REX 250",
"product": {
"name": "REX 250",
"product_id": "CSAFPID-11004"
}
}
],
"category": "product_family",
"name": "REX"
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"category": "product_version",
"name": "2.16.2",
"product": {
"name": "Firmware 2.16.2",
"product_id": "CSAFPID-22001"
}
},
{
"category": "product_version_range",
"name": "\u003c2.16.2",
"product": {
"name": "Firmware \u003c2.16.2",
"product_id": "CSAFPID-21001"
}
},
{
"category": "product_version",
"name": "8.2.0",
"product": {
"name": "Firmware 8.2.0",
"product_id": "CSAFPID-22003"
}
},
{
"category": "product_version_range",
"name": "\u003c8.2.0",
"product": {
"name": "Firmware \u003c8.2.0",
"product_id": "CSAFPID-22004"
}
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "Helmholz GmbH \u0026 Co. KG"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004"
],
"summary": "Affected products."
},
{
"group_id": "CSAFGID-0002",
"product_ids": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004"
],
"summary": "Fixed products."
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2.16.2 installed on myREX24 V2",
"product_id": "CSAFPID-31001"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2.16.2 installed on myREX24.virtual",
"product_id": "CSAFPID-31002"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2.16.2 installed on myREX24 V2",
"product_id": "CSAFPID-32001"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2.16.2 installed on myREX24.virtual",
"product_id": "CSAFPID-32002"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.2.0 installed on REX 200",
"product_id": "CSAFPID-32003"
},
"product_reference": "CSAFPID-11003",
"relates_to_product_reference": "CSAFPID-22003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 8.2.0 installed on REX 250",
"product_id": "CSAFPID-32004"
},
"product_reference": "CSAFPID-11004",
"relates_to_product_reference": "CSAFPID-22003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.2.0 installed on REX 200",
"product_id": "CSAFPID-31003"
},
"product_reference": "CSAFPID-11003",
"relates_to_product_reference": "CSAFPID-22004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c8.2.0 installed on REX 250",
"product_id": "CSAFPID-31004"
},
"product_reference": "CSAFPID-11004",
"relates_to_product_reference": "CSAFPID-22004"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-23943",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "An unauthenticated remote attacker can gain access to the cloud API due to a lack of authentication for a critical function in the affected devices. A DoS is not possible.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to latest version: 2.16.2\n\nCVE-2024-23943: This fix does not apply to REX 200/REX 250 devices with firmware 8.0.0 - 8.1.3. If you are using a device with this firmware, please update it to \u003e= 8.2.0.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.1,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.1,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004"
]
}
],
"title": "CVE-2024-23943"
},
{
"cve": "CVE-2024-23942",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "A local user may find a configuration file on the client workstation with unencrypted sensitive data. This allows an attacker to impersonate the device or prevent the device from accessing the cloud portal.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002"
]
},
"remediations": [
{
"category": "mitigation",
"details": "CVE-2024-23942: If the device\u0027s serial number is known to myREX24 V2/myREX24.virtual before the\ndownloadable configuration is created, that configuration will be encrypted allowing only the correct device to\ndecrypt it.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002"
]
}
],
"title": "CVE-2024-23942"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…