Vulnerability Description
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-259: Use of Hard-coded Password may allow disclosing Sensitive Information Embedded inside Device's Firmware
CVSS Score
7.5
HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Unitronics | Unilogic | < 1.35.227 |
Related Weaknesses (CWE)
References
- https://claroty.com/team82/blog/new-critical-vulnerabilities-in-unitronics-unistThird Party Advisory
- https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=Third Party Advisory
- https://claroty.com/team82/blog/new-critical-vulnerabilities-in-unitronics-unistThird Party Advisory
- https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=Third Party Advisory
FAQ
What is CVE-2024-27774?
CVE-2024-27774 is a vulnerability with a CVSS score of 7.5 (HIGH). Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-259: Use of Hard-coded Password may allow disclosing Sensitive Information Embedded inside Device's Firmware
How severe is CVE-2024-27774?
CVE-2024-27774 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-27774?
Check the references section above for vendor advisories and patch information. Affected products include: Unitronics Unilogic.