Zero-day vulnerability in UD-LT1/EX

Inclusion of Undocumented Features or Chicken Bits
CVE-2024-52564

Vulnerability details

Advisory: SB2024120409 - Inclusion of Undocumented Features or Chicken Bits in I-O DATA UD-LT1 and UD-LT1/EX

Vulnerable component: UD-LT1/EX

CVE-ID: CVE-2024-52564

CVSSv3 score: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:H/RL:O/RC:C

CWE-ID: CWE-1242 - Inclusion of Undocumented Features or Chicken Bits

Description:

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to inclusion of undocumented features. A remote attacker can disable the firewall function on the target products.

Note, the vulnerability is being actively exploited in the wild.