Vulnerability Description
Hard-coded credentials are used by the CyberPower PowerPanel platform to authenticate to the database, other services, and the cloud. This could result in an attacker gaining access to services with the privileges of a Powerpanel business application.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cyberpower | Powerpanel | <= 4.9.0 |
Related Weaknesses (CWE)
References
- https://www.cisa.gov/news-events/ics-advisories/icsa-24-123-01Third Party AdvisoryUS Government Resource
- https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_windowsProduct
- https://www.cisa.gov/news-events/ics-advisories/icsa-24-123-01Third Party AdvisoryUS Government Resource
- https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_windowsProduct
FAQ
What is CVE-2024-32053?
CVE-2024-32053 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Hard-coded credentials are used by the CyberPower PowerPanel platform to authenticate to the database, other services, and the cloud. This could result in an attacker gaining access to services ...
How severe is CVE-2024-32053?
CVE-2024-32053 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2024-32053?
Check the references section above for vendor advisories and patch information. Affected products include: Cyberpower Powerpanel.