CVE-2024-41156 LOW

CVE-2024-41156

Vendor Hitachi Energy
Product TRO600
Weakness CWE-212
Published October 29, 2024
Last update January 9, 2025

CVSS base score

2.7/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

Profile files from TRO600 series radios are extracted in plain-text and encrypted file formats. Profile files provide potential attackers valuable configuration information about the Tropos network. Profiles can only be exported by authenticated users with higher privilege of write access.

Key dates

02Disclosure timeline

October 29, 2024 CVE published
January 9, 2025 Record updated