How severe is CVE-2024-10497?

CVE-2024-10497 has a CVSS v3 score of 8.8 (HIGH).

CVE-2024-10497

8.8HIGH

CWE-639: Authorization Bypass Through User-Controlled Key vulnerability exists that could allow an authorized attacker to modify values outside those defined by their privileges (Elevation of Privileg

Published: 1/17/2025Updated: 1/17/2025

Description

CWE-639: Authorization Bypass Through User-Controlled Key vulnerability exists that could allow an authorized attacker to modify values outside those defined by their privileges (Elevation of Privileges) when the attacker sends modified HTTPS requests to the device.

AI AnalysisPowered by AI

References

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-014-08&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-014-08.pdf