CVE-2024-5313: SSH Interface Broad Exposure Over Network DoS Potential
CVE-2024-5313 Published on June 12, 2024
CWE-668: Exposure of the Resource Wrong Sphere vulnerability exists that exposes a SSH interface over the product network interface. This does not allow to directly exploit the product or make any unintended operation as the SSH interface access is protected by an authentication mechanism. Impacts are limited to port scanning and fingerprinting activities as well as attempts to perform a potential denial of service attack on the exposed SSH interface.
Vulnerability Analysis
CVE-2024-5313 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity, and a small impact on availability.
Weakness Type
Exposure of Resource to Wrong Sphere
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
Products Associated with CVE-2024-5313
Want to know whenever a new CVE is published for Schneider Electric Evlink Home Firmware? stack.watch will email you.
Affected Versions
Schneider Electric EVlink Home Smart:- Version v2.0.4.1.2_131 is affected.
- Version v2.0.3.8.2_128 is affected.
- Version 2.0.4.1.2_131 is affected.
- Version 2.0.3.8.2_128 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.