CNNVD-202506-3062 Information
CNNVD ID
CNNVD-202506-3062
Related CVE
- CNNVD Published: 2025-06-24
Description (Chinese)
MB Connect Line mbCONNECT24等都是德国MB Connect Line公司的产品。MB Connect Line mbCONNECT24是一套远程服务门户网站。MB Connect Line mymbCONNECT24是一款适用于虚拟环境的内部远程维护解决方案。Helmholz myREX24等都是Helmholz公司的产品。Helmholz myREX24是一个集成系统,用于访问机器或系统的组件,以进行远程维护和远程诊断。 Helmholz和MB connect line多款产品存在访问控制错误漏洞,该漏洞源于关键功能缺少身份验证,可能导致信息泄露或拒绝服务攻击。以下产品受到影响:Helmholz myREX24、myREX24.virtual和MB connect line mbCONNECT24、mymbCONNECT24。
Description (English)
MB Connect Line mbConnECT24 and others are products of the German company MB Connect Line. MB Connect Line mbCONNET24 is a remote service portal. MB Connect Line mymbCONNECT24 is an internal remote maintenance solution applicable to the virtual environment. Helmholz my Rex24 and others are Helmholz products. Helmholz myREX24 is an integrated system for access to machine or system components for remote maintenance and long-range diagnosis. There is an access control error gap in the Helmholz and MB connect line products, which stems from the lack of identification of critical functions, which can lead to information leaking or denial of service attacks. The following products were affected: Helmholz myREX24, MyREX24.virtual and MB connect line mbCONNCT24, MymbCONNCT24.
Hazard Level
Medium
Vulnerability Type
访问控制错误
Published
2025-06-24
Last Modified
2026-02-24
References
https://certvde.com/en/advisories/VDE-2025-037 https://certvde.com/en/advisories/VDE-2025-034 https://access.redhat.com/security/cve/cve-2025-3090
Patch
https://www.helmholz.de/en/products/industrial-remote-solutions/myrex24-portal/
Share on: