How severe is CVE-2024-31409?

CVE-2024-31409 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2024-31409

Name: powerpanel
Author: cyberpower

6.5MEDIUM

Certain MQTT wildcards are not blocked on the CyberPower PowerPanel system, which might result in an attacker obtaining data from throughout the system after gaining access to any device.

Published: 5/15/2024Updated: 8/7/2025

Description

Certain MQTT wildcards are not blocked on the CyberPower PowerPanel system, which might result in an attacker obtaining data from throughout the system after gaining access to any device.

AI AnalysisPowered by AI

Affected Products

cyberpowerpowerpanel

References

https://www.cisa.gov/news-events/ics-advisories/icsa-24-123-01
Third Party AdvisoryUS Government Resource
https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_windows#downloads
Product
https://www.cisa.gov/news-events/ics-advisories/icsa-24-123-01
Third Party AdvisoryUS Government Resource
https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_windows#downloads
Product