CNNVD-202506-3748 Information

CNNVD ID

CNNVD-202506-3748

Related CVE

CVE-2024-8419

• CNNVD Published: 2025-06-30

Description (Chinese)

ifm electronic Smart PLC AC4xxS是德国易福门电子（ifm electronic）公司的一系列主机/网关。 ifm electronic Smart PLC AC4xxS存在访问控制错误漏洞，该漏洞源于端点脚本缺少身份验证，可能导致未经授权的远程攻击者通过网络使系统进入故障安全状态。

Description (English)

Ifm electronic Smart PLC AC4xxS is a series of hosts/ gateways of the German company Ifm electronic. Ifm electronic Smart PLC AC4xxS has an access control error loophole, which stems from the lack of end-point script identification, which may result in unauthorized remote assailants bringing the system into a fail-safe state via the network.

Hazard Level

Medium

Vulnerability Type

访问控制错误

Affected Vendor

易福门电子

Published

2025-06-30

Last Modified

2026-02-24

References

https://cert.vde.com/en/advisories/VDE-2024-061 https://access.redhat.com/security/cve/cve-2024-8419

Patch

https://www.ifm.com/us/en/download/eco300_SmartSPS_AC14_AC4S_komplette_Software?srsltid=AfmBOorB5am3gfXWZxGR7UZFp2hrS5lPVcBkFB3vZ3DH33jZI7ssI2kI