Multiple vulnerabilities in Westermo L210-F2G

1) Cleartext transmission of sensitive information

EUVDB-ID: #VU92996

Risk: Low

CVSSv3.1: 5.2 [CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C]

CVE-ID: CVE-2024-37183

CWE-ID: CWE-319 - Cleartext Transmission of Sensitive Information

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to software uses insecure communication channel to transmit sensitive information. A remote attacker with ability to intercept network traffic can gain access to sensitive data.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

L210-F2G Lynx: 4.21.0

CPE2.3

• cpe:2.3:h:westermo:l210-f2g_lynx:4.21.0:*:*:*:*:*:*:*

External links

http://www.cisa.gov/news-events/ics-advisories/icsa-24-172-03

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper control of interaction frequency

EUVDB-ID: #VU92998

Risk: Medium

CVSSv3.1: 6.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:U/RC:C]

CVE-ID: CVE-2024-35246

CWE-ID: CWE-799 - Improper Control of Interaction Frequency

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper control of interaction frequency. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

L210-F2G Lynx: 4.21.0

CPE2.3

• cpe:2.3:h:westermo:l210-f2g_lynx:4.21.0:*:*:*:*:*:*:*

External links

http://www.cisa.gov/news-events/ics-advisories/icsa-24-172-03

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Improper control of interaction frequency

EUVDB-ID: #VU93000

Risk: Medium

CVSSv3.1: 6.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:U/RC:C]

CVE-ID: CVE-2024-32943

CWE-ID: CWE-799 - Improper Control of Interaction Frequency

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper control of interaction frequency. A remote attacker can pass specially crafted SSH packets and perform a denial of service (DoS) attack.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

L210-F2G Lynx: 4.21.0

CPE2.3

• cpe:2.3:h:westermo:l210-f2g_lynx:4.21.0:*:*:*:*:*:*:*

External links

http://www.cisa.gov/news-events/ics-advisories/icsa-24-172-03

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.