CVE-2024-45272

An unauthenticated remote attacker can perform a brute-force attack on the credentials of the remote service portal with a high chance of success, resulting in connection lost.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CERTVDECNA
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA-ADPADP
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 53%
VendorProductVersion
mbconnectlinembconnect24
𝑥
≤ 2.16.2
mbconnectlinemymbconnect24
𝑥
≤ 2.16.2
helmholzmyrex24_v2
𝑥
≤ 2.16.2
helmholzmyrex24.virtual
𝑥
≤ 2.16.2
helmholzmyrex24_v2_virtual_server
𝑥
< 2.16.3
helmholzrex_300_firmware
𝑥
≤ 5.1.11
helmholzrex_200_firmware
𝑥
< 8.2.1
helmholzrex_250_firmware
𝑥
< 8.2.1
mbconnectlinembconnect24
𝑥
< 2.16.3
mbconnectlinemymbconnect24
𝑥
< 2.16.3
mbconnectlinembspider_mdh_905_firmware
𝑥
≤ 2.6.5
mbconnectlinembspider_mdh_915_firmware
𝑥
≤ 2.6.5
mbconnectlinembspider_mdh_906_firmware
𝑥
≤ 2.6.5
mbconnectlinembspider_mdh_916_firmware
𝑥
≤ 2.6.5
mbconnectlinembnet_hw1_firmware
𝑥
≤ 5.1.11
mbconnectlinembnet_firmware
𝑥
< 8.2.1
mbconnectlinembnet.rokey_firmware
𝑥
< 8.2.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://cert.vde.com/en/advisories/VDE-2024-068
https://cert.vde.com/en/advisories/VDE-2024-069
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-061.txt