CVE-2024-6787 Vulnerability Details

  /     /     /  

CVE-2024-6787 Metadata Quick Info

CVE Published: 21/09/2024 | CVE Updated: 26/09/2024 | CVE Year: 2024
Source: Moxa | Vendor: Moxa | Product: MXview One Series
Status : PUBLISHED

---

CVE-2024-6787 Description

This vulnerability occurs when an attacker exploits a race condition between the time a file is checked and the time it is used (TOCTOU). By exploiting this race condition, an attacker can write arbitrary files to the system. This could allow the attacker to execute malicious code and potentially cause file losses.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-367
CWE Name: CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition
Source: Moxa

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID: CAPEC-29
CAPEC Description: CAPEC-29: Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions


Source: NVD (National Vulnerability Database).