VDE-2024-038

Vulnerability from csaf_pepperlfuchsse - Published: 2024-07-10 06:00 - Updated: 2025-08-27 10:00
Summary
Pepperl+Fuchs: Anonymous FTP server and Telnet access allows information disclosure and manipulation
Notes
Summary: Critical vulnerabilities has been discovered in the product, mainly caused by ananonymous FTP server and Telnet access.The impact of the vulnerabilities on the affected device may result in Information disclosure Denial of service Device manipulation
Impact: Pepperl+Fuchs analyzed and identified affected devices. An attacker can read out images, serial number of the device, version numbers of firmware and OS log-files, configuration stop processes, read out, delete and change data.
Mitigation: An external protective measure is required. Minimize network exposure for affected products and ensure that they are not accessible via the Internet. Isolate affected products from the corporate network. If remote access is required, use secure methods such as virtual private networks (VPNs).
CVE-2024-6421

An unauthenticated remote attacker can read out sensitive device information through a incorrectly configured FTP service.

7.5 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE-522 - Insufficiently Protected Credentials
Mitigation An external protective measure is required. Minimize network exposure for affected products and ensure that they are not accessible via the Internet. Isolate affected products from the corporate network. If remote access is required, use secure methods such as virtual private networks (VPNs).
CVE-2024-6422

An unauthenticated remote attacker can manipulate the device via Telnet, stop processes, read, delete and change data.

9.8 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-306 - Missing Authentication for Critical Function
Mitigation An external protective measure is required. Minimize network exposure for affected products and ensure that they are not accessible via the Internet. Isolate affected products from the corporate network. If remote access is required, use secure methods such as virtual private networks (VPNs).
References
Acknowledgments
CERT@VDE certvde.com
BMW AG
To clipboard 

{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERT@VDE",
        "summary": "coordination",
        "urls": [
          "https://certvde.com"
        ]
      },
      {
        "organization": "BMW AG",
        "summary": "reporting"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-GB",
    "notes": [
      {
        "category": "summary",
        "text": "Critical vulnerabilities has been discovered in the product, mainly caused by ananonymous FTP server and Telnet access.The impact of the vulnerabilities on the affected device may result in\n\nInformation disclosure\nDenial of service\nDevice manipulation",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "Pepperl+Fuchs analyzed and identified affected devices.\nAn attacker can\n\nread out images, serial number of the device, version numbers of firmware and OS log-files, configuration\nstop processes,\nread out, delete and change data.",
        "title": "Impact"
      },
      {
        "category": "description",
        "text": "An external protective measure is required.\n\nMinimize network exposure for affected products and ensure that they are not accessible via the Internet.\nIsolate affected products from the corporate network.\nIf remote access is required, use secure methods such as virtual private networks (VPNs).",
        "title": "Mitigation"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "cert@pepperl-fuchs.com",
      "name": "Pepperl+Fuchs SE",
      "namespace": "https://www.pepperl-fuchs.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "VDE-2024-038: Pepperl+Fuchs: Anonymous FTP server and Telnet access allows information disclosure and manipulation - HTML",
        "url": "https://certvde.com/en/advisories/VDE-2024-038/"
      },
      {
        "category": "self",
        "summary": "VDE-2024-038: Pepperl+Fuchs: Anonymous FTP server and Telnet access allows information disclosure and manipulation - CSAF",
        "url": "https://pepperl-fuchs.csaf-tp.certvde.com/.well-known/csaf/white/2024/vde-2024-038.json"
      },
      {
        "category": "external",
        "summary": "Pepperl+Fuchs PSIRT",
        "url": "https://www.pepperl-fuchs.com/de-de/support/benachrichtigungen-und-updates/cybersecurity-information-and-reporting-gp43254"
      },
      {
        "category": "external",
        "summary": "CERT@VDE Security Advisories for Pepperl+Fuchs SE",
        "url": "https://certvde.com/en/advisories/vendor/pepperl-fuchs/"
      }
    ],
    "title": "Pepperl+Fuchs: Anonymous FTP server and Telnet access allows information disclosure and manipulation",
    "tracking": {
      "aliases": [
        "VDE-2024-038"
      ],
      "current_release_date": "2025-08-27T10:00:00.000Z",
      "generator": {
        "date": "2025-08-28T07:37:26.761Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.34"
        }
      },
      "id": "VDE-2024-038",
      "initial_release_date": "2024-07-10T06:00:00.000Z",
      "revision_history": [
        {
          "date": "2024-07-10T06:00:00.000Z",
          "number": "1.0.0",
          "summary": "Initial revision."
        },
        {
          "date": "2025-08-27T10:00:00.000Z",
          "number": "1.1.0",
          "summary": "Update: CWE from CVE-2024-6421, Revision History"
        }
      ],
      "status": "final",
      "version": "1.1.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "OIT1500-F113-B12-CB",
                "product": {
                  "name": "OIT1500-F113-B12-CB",
                  "product_id": "CSAFPID-11001",
                  "product_identification_helper": {
                    "model_numbers": [
                      "194233"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "OIT200-F113-B12-CB",
                "product": {
                  "name": "OIT200-F113-B12-CB",
                  "product_id": "CSAFPID-11002",
                  "product_identification_helper": {
                    "model_numbers": [
                      "194231"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "OIT500-F113-B12-CB",
                "product": {
                  "name": "OIT500-F113-B12-CB",
                  "product_id": "CSAFPID-11003",
                  "product_identification_helper": {
                    "model_numbers": [
                      "194232"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "OIT700-F113-B12-CB",
                "product": {
                  "name": "OIT700-F113-B12-CB",
                  "product_id": "CSAFPID-11004",
                  "product_identification_helper": {
                    "model_numbers": [
                      "295845"
                    ]
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Hardware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=V2.11.0",
                "product": {
                  "name": "Firmware \u003c= V2.11.0",
                  "product_id": "CSAFPID-21001"
                }
              }
            ],
            "category": "product_family",
            "name": "Firmware"
          }
        ],
        "category": "vendor",
        "name": "Pepperl+Fuchs"
      }
    ],
    "product_groups": [
      {
        "group_id": "CSAFGID-0001",
        "product_ids": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004"
        ],
        "summary": "Affected products."
      }
    ],
    "relationships": [
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c= V2.11.0 installed on OIT1500-F113-B12-CB",
          "product_id": "CSAFPID-31001"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c= V2.11.0 installed on OIT200-F113-B12-CB",
          "product_id": "CSAFPID-31002"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c= V2.11.0 installed on OIT500-F113-B12-CB",
          "product_id": "CSAFPID-31003"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11003"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c= V2.11.0 installed on OIT700-F113-B12-CB",
          "product_id": "CSAFPID-31004"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11004"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-6421",
      "cwe": {
        "id": "CWE-522",
        "name": "Insufficiently Protected Credentials"
      },
      "notes": [
        {
          "category": "description",
          "text": "An unauthenticated remote attacker can read out sensitive device information through a incorrectly configured FTP service.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "An external protective measure is required.\n\nMinimize network exposure for affected products and ensure that they are not accessible via the Internet.\nIsolate affected products from the corporate network.\nIf remote access is required, use secure methods such as virtual private networks (VPNs).",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 7.5,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 7.5,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004"
          ]
        }
      ],
      "title": "CVE-2024-6421"
    },
    {
      "cve": "CVE-2024-6422",
      "cwe": {
        "id": "CWE-306",
        "name": "Missing Authentication for Critical Function"
      },
      "notes": [
        {
          "category": "description",
          "text": "An unauthenticated remote attacker can manipulate the device via Telnet, stop processes, read, delete and change data.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "An external protective measure is required.\n\nMinimize network exposure for affected products and ensure that they are not accessible via the Internet.\nIsolate affected products from the corporate network.\nIf remote access is required, use secure methods such as virtual private networks (VPNs).",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 9.8,
            "environmentalSeverity": "CRITICAL",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 9.8,
            "temporalSeverity": "CRITICAL",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004"
          ]
        }
      ],
      "title": "CVE-2024-6422"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.