Vulnerability Description
Swissphone DiCal-RED 4009 devices allow an unauthenticated attacker use a port-2101 TCP connection to gain access to operation messages that are received by the device.
CVSS Score
5.4
MEDIUM
CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
Related Weaknesses (CWE)
References
- https://www.swissphone.com/en-us/solutions/components/terminals/radio-data-modul
- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-042.t
- http://seclists.org/fulldisclosure/2024/Aug/36
FAQ
What is CVE-2024-36441?
CVE-2024-36441 is a vulnerability with a CVSS score of 5.4 (MEDIUM). Swissphone DiCal-RED 4009 devices allow an unauthenticated attacker use a port-2101 TCP connection to gain access to operation messages that are received by the device.
How severe is CVE-2024-36441?
CVE-2024-36441 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-36441?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.