Multiple vulnerabilities in TEM Opera Plus FM Family Transmitter



Published: 2024-10-07
Risk High
Patch available NO
Number of vulnerabilities 2
CVE-ID CVE-2024-41988
CVE-2024-41987
CWE-ID CWE-306
CWE-352
Exploitation vector Network
Public exploit N/A
Vulnerable software
Opera Plus FM Family Transmitter
Hardware solutions / Firmware

Vendor TEM

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Missing Authentication for Critical Function

EUVDB-ID: #VU98074

Risk: High

CVSSv3.1: 9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]

CVE-ID: CVE-2024-41988

CWE-ID: CWE-306 - Missing Authentication for Critical Function

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a critical function without authentication.

The vulnerability exists because the affected product exposes an unprotected endpoint that accepts an MPFS File System binary image upload without any authentication. A remote attacker can overwrite the flash program memory that holds the web server's main interfaces and execute arbitrary code.
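The following is an added illustration of the CWE-306 pattern and its fix, not code from TEM's firmware or from the advisory: a handler that reflashes the web server's page image with no check on who is asking, beside a version that authenticates and authorizes the caller and validates the payload before touching flash. The /mpfsupload path, the request shape, the session store and the size limit are assumptions made for the example. The last function is the kind of check a practitioner can run against a handler under test: does a POST with no session at all get through?

```python
"""Added example (not TEM's firmware code): gating a critical function, here
the MPFS image upload that reflashes the web interface, behind authentication.
The /mpfsupload path, request shape and session store are assumptions."""

# Constructed state: one active admin session and the flash region that holds
# the web interface. Real firmware writes program flash; here it is a dict.
SESSIONS = {"s3ss10n-admin": {"user": "admin", "role": "admin"}}
FLASH = {"webpages": b"original MPFS image"}
MAX_IMAGE_BYTES = 512 * 1024  # assumed upper bound for an MPFS image
UPLOAD_PATH = "/mpfsupload"    # assumed endpoint name


def make_request(method, path, body=b"", cookies=None):
    """Minimal stand-in for a parsed HTTP request."""
    return {"method": method, "path": path, "body": body,
            "cookies": cookies or {}}


def upload_vulnerable(request):
    """CWE-306 pattern: whoever reaches the endpoint may replace the image.
    Nothing asks who is making the request."""
    if request["path"] != UPLOAD_PATH or request["method"] != "POST":
        return 404, "not found"
    FLASH["webpages"] = request["body"]
    return 200, "image written"


def _authenticated_admin(request):
    """Resolve the session cookie to a logged-in admin, or None."""
    session = SESSIONS.get(request["cookies"].get("session"))
    if session is None or session["role"] != "admin":
        return None
    return session


def upload_hardened(request):
    """Fixed pattern: authenticate, authorize the role, validate the payload,
    and only then touch flash. Every failure is a refusal."""
    if request["path"] != UPLOAD_PATH or request["method"] != "POST":
        return 404, "not found"
    if _authenticated_admin(request) is None:
        return 401, "authentication required"
    body = request["body"]
    if not isinstance(body, (bytes, bytearray)) or len(body) == 0:
        return 400, "empty image"
    if len(body) > MAX_IMAGE_BYTES:
        return 413, "image too large"
    FLASH["webpages"] = bytes(body)
    return 200, "image written"


def accepts_unauthenticated_upload(handler):
    """Check to run against a handler under test: does a POST carrying no
    session at all get past the endpoint? True means CWE-306 is present."""
    status, _ = handler(make_request("POST", UPLOAD_PATH, b"probe"))
    return status == 200


if __name__ == "__main__":
    for name, handler in (("vulnerable", upload_vulnerable),
                          ("hardened", upload_hardened)):
        print(name, "accepts unauthenticated upload:",
              accepts_unauthenticated_upload(handler))
```

The order of the checks in the hardened handler matters: authentication and authorization come before any parsing of the body, so an unauthenticated client never gets the device to inspect attacker-supplied data, and the size bound is enforced before anything is written.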

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Opera Plus FM Family Transmitter: 35.45

External links

http://www.cisa.gov/news-events/ics-advisories/icsa-24-277-01


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Cross-site request forgery

EUVDB-ID: #VU98075

Risk: Low

CVSSv3.1: 5.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:U/RC:C]

CVE-ID: CVE-2024-41987

CWE-ID: CWE-352 - Cross-Site Request Forgery (CSRF)

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform cross-site request forgery attacks.

The vulnerability exists due to insufficient validation of the HTTP request origin. A remote attacker can trick the victim into visiting a specially crafted web page and perform arbitrary actions on behalf of the victim on the vulnerable web interface.
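Below is an added example, not code from TEM or the advisory, of the two controls whose absence this entry describes: validating where a state-changing request came from (Fetch metadata, then Origin, then Referer, refusing requests that reveal no origin at all) and requiring a per-session synchronizer token that a page on another site cannot read. The device host names, the settings route, the cookie and form field names are assumptions made for the illustration. Note that this control only has meaning on endpoints that already require a session; an endpoint that needs no authentication at all, as in the first entry, is not a CSRF problem but a missing-authentication one.

```python
"""Added example (not TEM's firmware code): rejecting cross-site requests to a
device web interface by checking the request origin and requiring a
per-session anti-CSRF token. Host names, route and field names are assumed."""
import hmac
import secrets
from urllib.parse import urlsplit

# Constructed state: the origins the device answers on, and one logged-in
# session that was issued an anti-CSRF token when it was created.
TRUSTED_ORIGINS = {"http://transmitter.local", "http://192.0.2.10"}
SESSIONS = {"s3ss10n-admin": {"user": "admin",
                              "csrf": secrets.token_urlsafe(32)}}


def make_request(method, headers=None, cookies=None, form=None):
    """Minimal stand-in for a parsed HTTP request to a state-changing route.
    Header names are used as given; a real server normalizes their case."""
    return {"method": method, "headers": headers or {},
            "cookies": cookies or {}, "form": form or {}}


def _origin_of(url):
    """scheme://host[:port] of a URL, or None if it has no usable origin
    (this also covers the literal 'null' Origin a sandboxed page sends)."""
    parts = urlsplit(url)
    if not parts.scheme or not parts.netloc:
        return None
    return f"{parts.scheme}://{parts.netloc}".lower()


def origin_is_trusted(headers):
    """The missing check. Fetch metadata is consulted first, then Origin,
    then Referer; a request that discloses no origin is refused, not passed."""
    if headers.get("Sec-Fetch-Site") in ("cross-site", "same-site"):
        return False
    for name in ("Origin", "Referer"):
        value = headers.get(name)
        if value:
            return _origin_of(value) in TRUSTED_ORIGINS
    return False


def token_is_valid(session, submitted):
    """Synchronizer token: must be present and equal the session's token,
    compared in constant time."""
    if not submitted:
        return False
    return hmac.compare_digest(session["csrf"], submitted)


def handle_settings_change(request):
    """Any request that alters device state passes all four gates in order."""
    if request["method"] not in ("POST", "PUT", "DELETE"):
        return 405, "method not allowed"
    session = SESSIONS.get(request["cookies"].get("session"))
    if session is None:
        return 401, "authentication required"
    if not origin_is_trusted(request["headers"]):
        return 403, "request origin not trusted"
    if not token_is_valid(session, request["form"].get("csrf_token")):
        return 403, "missing or invalid CSRF token"
    return 200, "settings applied"


if __name__ == "__main__":
    # A page on another site can make the victim's browser attach the session
    # cookie, but cannot set Origin to the device or read the session's token.
    forged = make_request("POST",
                          headers={"Origin": "https://attacker.example",
                                   "Sec-Fetch-Site": "cross-site"},
                          cookies={"session": "s3ss10n-admin"},
                          form={"frequency": "107.9"})
    print(handle_settings_change(forged))
```

Either control alone would stop the forged request above; keeping both covers clients that send no Fetch metadata or strip Referer, and a token that leaks through some other bug.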

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Opera Plus FM Family Transmitter: 35.45

External links

http://www.cisa.gov/news-events/ics-advisories/icsa-24-277-01


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
