CVE-2024-6787

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240735-multiple-vulnerabilities-in-mxview-one-and-mxview-one-central-manager-series", "name": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240735-multiple-vulnerabilities-in-mxview-one-and-mxview-one-central-manager-series", "tags": ["Patch", "Vendor Advisory"], "refsource": ""}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-268-05", "name": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-268-05", "tags": ["Third Party Advisory", "US Government Resource"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "This vulnerability occurs when an attacker exploits a race condition between the time a file is checked and the time it is used (TOCTOU). By exploiting this race condition, an attacker can write arbitrary files to the system. This could allow the attacker to execute malicious code and potentially cause file losses."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-367"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-6787", "ASSIGNER": "psirt@moxa.com"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.2}}, "publishedDate": "2024-09-21T05:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:moxa:mxview_one:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "1.4.1"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2024-09-30T18:02Z"}