CVE-2024-41720

Summary

Incorrect permission assignment for critical resource issue exists in ZWX-2000CSW2-HN firmware versions prior to Ver.0.3.15, which may allow a network-adjacent authenticated attacker to alter the configuration of the device.

Affected Software

VendorProductVersion RangeStatus
ZEXELON CO., LTD.ZWX-2000CSW2-HNfirmware versions prior to Ver.0.3.15affected

Weaknesses

  • Incorrect Permission Assignment for Critical Resource

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References