CVE-2024-45273: MB connect line/Helmholz: Weak encryption of configuration file
First published: Tue Oct 15 2024(Updated: )
An unauthenticated local attacker can decrypt the devices config file and therefore compromise the device due to a weak implementation of the encryption used.
Credit: info@cert.vde.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Mbconnectline Mbnet.mini Firmware | <2.3.1 | |
| Mbconnectline Mbnet.mini | ||
| Helmholz Myrex24 V2 Virtual Server | <2.16.3 | |
| All of | ||
| Helmholz Rex 300 Firmware | <=5.1.11 | |
| Helmholz Rex 300 | ||
| All of | ||
| Helmholz Rex 200 Firmware | <8.2.1 | |
| Helmholz REX 200 | ||
| All of | ||
| Helmholz Rex 250 Firmware | <8.2.1 | |
| Helmholz Rex 250 | ||
| All of | ||
| Helmholz Rex 100 Firmware | <2.3.1 | |
| Helmholz Rex 100 | ||
| Mbconnectline Mbconnect24 | <2.16.3 | |
| Mbconnectline Mymbconnect24 | <2.16.3 | |
| All of | ||
| Mbconnectline Mbspider Mdh 905 Firmware | <=2.6.5 | |
| Mbconnectline Mbspider Mdh 905 | ||
| All of | ||
| Mbconnectline Mbspider Mdh 915 Firmware | <=2.6.5 | |
| Mbconnectline Mbspider Mdh 915 | ||
| All of | ||
| Mbconnectline Mbspider Mdh 906 Firmware | <=2.6.5 | |
| Mbconnectline Mbspider Mdh 906 | ||
| All of | ||
| Mbconnectline Mbspider Mdh 916 Firmware | <=2.6.5 | |
| Mbconnectline Mbspider Mdh 916 | ||
| All of | ||
| Mbconnectline Mbnet Hw1 Firmware | <=5.1.11 | |
| Mbconnectline Mbnet Hw1 | ||
| All of | ||
| Mbconnectline Mbnet Firmware | <8.2.1 | |
| Mbconnectline Mbnet | ||
| All of | ||
| Mbconnectline Mbnet.rokey Firmware | <8.2.1 | |
| Mbconnectline Mbnet.rokey |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/author
- agent/event
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/mbconnectline
- canonical/mbconnectline mbnet.mini firmware
- canonical/mbconnectline mbnet.mini
- vendor/helmholz
- canonical/helmholz myrex24 v2 virtual server
- canonical/helmholz rex 300 firmware
- version/helmholz rex 300 firmware/5.1.11
- canonical/helmholz rex 300
- canonical/helmholz rex 200 firmware
- canonical/helmholz rex 200
- canonical/helmholz rex 250 firmware
- canonical/helmholz rex 250
- canonical/helmholz rex 100 firmware
- canonical/helmholz rex 100
- canonical/mbconnectline mbconnect24
- canonical/mbconnectline mymbconnect24
- canonical/mbconnectline mbspider mdh 905 firmware
- version/mbconnectline mbspider mdh 905 firmware/2.6.5
- canonical/mbconnectline mbspider mdh 905
- canonical/mbconnectline mbspider mdh 915 firmware
- version/mbconnectline mbspider mdh 915 firmware/2.6.5
- canonical/mbconnectline mbspider mdh 915
- canonical/mbconnectline mbspider mdh 906 firmware
- version/mbconnectline mbspider mdh 906 firmware/2.6.5
- canonical/mbconnectline mbspider mdh 906
- canonical/mbconnectline mbspider mdh 916 firmware
- version/mbconnectline mbspider mdh 916 firmware/2.6.5
- canonical/mbconnectline mbspider mdh 916
- canonical/mbconnectline mbnet hw1 firmware
- version/mbconnectline mbnet hw1 firmware/5.1.11
- canonical/mbconnectline mbnet hw1
- canonical/mbconnectline mbnet firmware
- canonical/mbconnectline mbnet
- canonical/mbconnectline mbnet.rokey firmware
- canonical/mbconnectline mbnet.rokey