This vulnerability occurs when an attacker exploits a race condition between the time a file is checked and the time it is used (TOCTOU). By exploiting this race condition, an attacker can write arbitrary files to the system. This could allow the attacker to execute malicious code and potentially cause file losses.
References
Link | Resource |
---|---|
https://www.cisa.gov/news-events/ics-advisories/icsa-24-268-05 | Third Party Advisory US Government Resource |
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240735-multiple-vulnerabilities-in-mxview-one-and-mxview-one-central-manager-series | Patch Vendor Advisory |
Configurations
History
30 Sep 2024, 18:02
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.cisa.gov/news-events/ics-advisories/icsa-24-268-05 - Third Party Advisory, US Government Resource | |
References | () https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240735-multiple-vulnerabilities-in-mxview-one-and-mxview-one-central-manager-series - Patch, Vendor Advisory | |
CPE | cpe:2.3:a:moxa:mxview_one:*:*:*:*:*:*:*:* | |
First Time |
Moxa mxview One
Moxa |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.9 |
26 Sep 2024, 07:15
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
References |
|
21 Sep 2024, 05:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-21 05:15
Updated : 2024-09-30 18:02
NVD link : CVE-2024-6787
Mitre link : CVE-2024-6787
CVE.ORG link : CVE-2024-6787
JSON object : View
Products Affected
moxa
- mxview_one
CWE
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition