CVE-2024-6758
MEDIUM EPSS 35.2%
Published Aug 12, 20241y ago · Modified Jun 17, 20262w ago
6.5 CVSS 3.1
Published Aug 12, 2024 1y ago
Last Modified Jun 17, 2026 2w ago
Description
Improper Privilege Management in Sprecher Automation SPRECON-E below version 8.71j allows a remote attacker with low privileges to save unauthorized protection assignments.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N Attack Vector Network
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity High
Availability None
Threat Intelligence
EPSS Exploit Probability
35.2% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-266
Affected Products 24
| Vendor | Product | Version | Range |
|---|---|---|---|
| sprecher-automation | sprecon-e_cp-2500_firmware | * | <8.71j |
| sprecher-automation | sprecon-e_cp-2500 | * | any |
| sprecher-automation | sprecon-e-p_dd6-2_firmware | * | <8.71j |
| sprecher-automation | sprecon-e-p_dd6-2 | * | any |
| sprecher-automation | sprecon-e-c_firmware | * | <8.71j |
| sprecher-automation | sprecon-e-c | * | any |
| sprecher-automation | sprecon-e_ap-2200_firmware | * | <8.71j |
| sprecher-automation | sprecon-e_ap-2200 | * | any |
| sprecher-automation | sprecon-e_cp-2131_firmware | * | <8.71j |
| sprecher-automation | sprecon-e_cp-2131 | * | any |
| sprecher-automation | sprecon-e_cp-2330_firmware | * | <8.71j |
| sprecher-automation | sprecon-e_cp-2330 | * | any |
| sprecher-automation | sprecon-e-p_dq6-1_firmware | * | <8.71j |
| sprecher-automation | sprecon-e-p_dq6-1 | * | any |
| sprecher-automation | sprecon-e-p_dl6-1_firmware | * | <8.71j |
| sprecher-automation | sprecon-e-p_dl6-1 | * | any |
| sprecher-automation | sprecon-e-p_ds6-0_firmware | * | <8.71j |
| sprecher-automation | sprecon-e-p_ds6-0 | * | any |
| sprecher-automation | sprecon-edir_firmware | * | <8.71j |
| sprecher-automation | sprecon-edir | * | any |
| sprecher-automation | sprecon-e-t3_firmware | * | <8.71j |
| sprecher-automation | sprecon-e-t3 | * | any |
| sprecher-automation | sprecon-e-t3_ax-3110_firmware | * | <8.71j |
| sprecher-automation | sprecon-e-t3_ax-3110 | * | any |
References 1
- sprecher-automation.com https://www.sprecher-automation.com/fileadmin/itSecurity/PDF/SPR-2407171_de.pdf
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.