1. Home
  2. CVE Database
  3. CVE-2024-41156
LOW · 2.7

CVE-2024-41156

Profile files from TRO600 series radios are extracted in plain-text and encrypted file formats. Profile files provide potential attackers valuable configuration information about the Tropos network. P...

Vulnerability Description

Profile files from TRO600 series radios are extracted in plain-text and encrypted file formats. Profile files provide potential attackers valuable configuration information about the Tropos network. Profiles can only be exported by authenticated users with higher privilege of write access.

CVSS Score

2.7

LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
HitachienergyTro610 Firmware>= 9.1.0.0, < 9.2.0.5
HitachienergyTro610-
HitachienergyTro620 Firmware>= 9.1.0.0, < 9.2.0.5
HitachienergyTro620-
HitachienergyTro670 Firmware>= 9.1.0.0, < 9.2.0.5
HitachienergyTro670-

Related Weaknesses (CWE)

CWE-212

References

FAQ

What is CVE-2024-41156?

CVE-2024-41156 is a vulnerability with a CVSS score of 2.7 (LOW). Profile files from TRO600 series radios are extracted in plain-text and encrypted file formats. Profile files provide potential attackers valuable configuration information about the Tropos network. P...

How severe is CVE-2024-41156?

CVE-2024-41156 has been rated LOW with a CVSS base score of 2.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-41156?

Check the references section above for vendor advisories and patch information. Affected products include: Hitachienergy Tro610 Firmware, Hitachienergy Tro610, Hitachienergy Tro620 Firmware, Hitachienergy Tro620, Hitachienergy Tro670 Firmware.