CVE-2024-45370 HIGH

CVE-2024-45370

Vendor Socomec
Product Easy Config System
Weakness CWE-302
Published December 1, 2025
Last update December 1, 2025

CVSS base score

7.3/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N

What the vulnerability does

01Description

An authentication bypass vulnerability exists in the User profile management functionality of Socomec Easy Config System 2.6.1.0. A specially crafted database record can lead to unauthorized access. An attacker can modify a local database to trigger this vulnerability.

Key dates

02Disclosure timeline

December 1, 2025 CVE published
December 1, 2025 Record updated