CVE-2024-43099 HIGH

CVE-2024-43099: AutomationDirect DirectLogic H2-DM1E Authentication Bypass by Capture-replay

Vendor AutomationDirect
Product DirectLogic H2-DM1E
Weakness CWE-294
Published September 13, 2024
Last update September 13, 2024

CVSS base score

8.8/10
Attack vector Adjacent
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01 Description

The session hijacking attack targets the application layer's control mechanism, which manages authenticated sessions between a host PC and a PLC. During such sessions, a session key is used to maintain security. However, if an attacker captures this session key, they can inject traffic into an ongoing authenticated session. To do this successfully, the attacker also needs to spoof both the IP address and the MAC address of the originating host, which is typical of a session-based attack.

Key dates

02 Disclosure timeline

September 13, 2024 CVE published
September 13, 2024 Record updated