An unauthenticated remote attacker who is aware of a MQTT topic name can send and receive messages, including GET/SET configuration commands, reboot commands and firmware updates.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://cert.vde.com/en/advisories/VDE-2024-009 |
History
Wed, 02 Oct 2024 05:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | An unauthenticated remote attacker who is aware of a MQTT topic name can send and receive messages, including GET/SET configuration commands, reboot commands and firmware updates. | An unauthenticated remote attacker who is aware of a MQTT topic name can send and receive messages, including GET/SET configuration commands, reboot commands and firmware updates. |
Weaknesses | CWE-306 |
MITRE
Status: PUBLISHED
Assigner: CERTVDE
Published: 2024-04-09T08:25:46.915Z
Updated: 2024-10-02T05:26:02.183Z
Reserved: 2023-02-28T08:11:19.318Z
Link: CVE-2023-1083
Vulnrichment
Updated: 2024-08-02T05:32:46.397Z
NVD
Status : Awaiting Analysis
Published: 2024-04-09T09:15:19.937
Modified: 2024-04-09T12:48:04.090
Link: CVE-2023-1083
Redhat
No data.