How severe is CVE-2024-31409?

CVE-2024-31409 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2024-31409

Name: powerpanel
Author: cyberpower

6.5MEDIUM

Certain MQTT wildcards are not blocked on the CyberPower PowerPanel system, which might result in an attacker obtaining data from throughout the system after gaining access to any device.

Publicado: 5/15/2024Actualizado: 8/7/2025

Descripción

Certain MQTT wildcards are not blocked on the CyberPower PowerPanel system, which might result in an attacker obtaining data from throughout the system after gaining access to any device.

Análisis IAImpulsado por IA

Productos Afectados

cyberpowerpowerpanel

Referencias

https://www.cisa.gov/news-events/ics-advisories/icsa-24-123-01
Third Party AdvisoryUS Government Resource
https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_windows#downloads
Product
https://www.cisa.gov/news-events/ics-advisories/icsa-24-123-01
Third Party AdvisoryUS Government Resource
https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_windows#downloads
Product