CVE-2024-6758

Improper Privilege ManagementinSprecher Automation SPRECON-E below version 8.71j allows a remote attacker with low privileges to save unauthorized protection assignments.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
CERTVDECNA
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 27%
VendorProductVersion
sprecher-automationsprecon-e_cp-2500_firmware
𝑥
< 8.71j
sprecher-automationsprecon-e-p_dd6-2_firmware
𝑥
< 8.71j
sprecher-automationsprecon-e-c_firmware
𝑥
< 8.71j
sprecher-automationsprecon-e_ap-2200_firmware
𝑥
< 8.71j
sprecher-automationsprecon-e_cp-2131_firmware
𝑥
< 8.71j
sprecher-automationsprecon-e_cp-2330_firmware
𝑥
< 8.71j
sprecher-automationsprecon-e-p_dq6-1_firmware
𝑥
< 8.71j
sprecher-automationsprecon-e-p_dl6-1_firmware
𝑥
< 8.71j
sprecher-automationsprecon-e-p_ds6-0_firmware
𝑥
< 8.71j
sprecher-automationsprecon-edir_firmware
𝑥
< 8.71j
sprecher-automationsprecon-e-t3_firmware
𝑥
< 8.71j
sprecher-automationsprecon-e-t3_ax-3110_firmware
𝑥
< 8.71j
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.sprecher-automation.com/fileadmin/itSecurity/PDF/SPR-2407171_de.pdf