CVE-2024-25972

Summary

Initialization of a resource with an insecure default vulnerability in OET-213H-BTS1 sold in Japan by Atsumi Electric Co., Ltd. allows a network-adjacent unauthenticated attacker to configure and control the affected product.

Affected Software

VendorProductVersion RangeStatus
Zhejiang Uniview Technologies Co.,Ltd and Atsumi Electric Co., Ltd.OET-213H-BTS1all firmware versionsaffected

Weaknesses

  • Initialization of a Resource with an Insecure Default

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References