CVE-2024-43698 CRITICAL

CVE-2024-43698: Kieback&Peter DDC4000 Series Use of Weak Credentials

Vendor Kieback&Peter
Product DDC4040e
Weakness CWE-1391
Published October 22, 2024
Last update October 23, 2024

CVSS base score

9.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Kieback & Peter's DDC4000 series uses weak credentials, which may allow an unauthenticated attacker to get full admin rights on the system.

Key dates

02Disclosure timeline

October 22, 2024 CVE published
October 23, 2024 Record updated