CVE-2024-13089

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://security.nozominetworks.com/NN-2025:1-01", "name": "https://security.nozominetworks.com/NN-2025:1-01", "tags": [], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "An OS command injection vulnerability within the update functionality may allow an authenticated administrator to execute unauthorized arbitrary OS commands.\n\n\n\nUsers with administrative privileges may upload update packages to upgrade the versions of Nozomi Networks Guardian and CMC.\n\nWhile these updates are signed and their signatures are validated prior to installation, an improper signature validation check has been identified.\n\nThis issue could potentially enable users to execute commands remotely on the appliance, thereby impacting confidentiality, integrity, and availability."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-78"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-13089", "ASSIGNER": "prodsec@nozominetworks.com"}}, "impact": {}, "publishedDate": "2025-06-10T11:15Z", "configurations": {"nodes": [], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-06-10T11:15Z"}