The Windows version of WebIQ 2.15.9 is affected by a directory traversal vulnerability that allows remote attackers to read any file on the system.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Fri, 20 Sep 2024 23:00:00 +0000

Type Values Removed Values Added
First Time appeared Microsoft
Microsoft windows
Smart-hmi
Smart-hmi webiq
CPEs cpe:2.3:a:smart-hmi:webiq:2.15.9:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Vendors & Products Microsoft
Microsoft windows
Smart-hmi
Smart-hmi webiq
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}


Tue, 17 Sep 2024 02:30:00 +0000

Type Values Removed Values Added
First Time appeared Beijerelectronics
Beijerelectronics webiq
CPEs cpe:2.3:a:beijerelectronics:webiq:2.15.19:*:*:*:*:*:*:*
Vendors & Products Beijerelectronics
Beijerelectronics webiq
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 16 Sep 2024 15:45:00 +0000

Type Values Removed Values Added
Description The Windows version of WebIQ 2.15.9 is affected by a directory traversal vulnerability that allows remote attackers to read any file on the system.
Title WebIQ 2.15.9 Runtime on Windows - Directory Traversal Vulnerability
Weaknesses CWE-22
References
Metrics cvssV4_0

{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: tenable

Published:

Updated: 2024-09-16T16:07:21.866Z

Reserved: 2024-09-12T13:59:13.908Z

Link: CVE-2024-8752

cve-icon Vulnrichment

Updated: 2024-09-16T16:07:10.358Z

cve-icon NVD

Status : Analyzed

Published: 2024-09-16T16:15:14.040

Modified: 2024-09-20T22:42:20.367

Link: CVE-2024-8752

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.