CVE-2024-9929

Summary

A vulnerability exists in NSD570 that allows any authenticated user to access all device logs disclosing login information with timestamps.

Affected Software

VendorProductVersion RangeStatus
Hitachi EnergyNSD570 Teleprotection Equipment1.0 <= 1.20affected

Weaknesses

  • CWE-497: CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References