{"id":973,"date":"2024-03-13T08:18:04","date_gmt":"2024-03-13T06:18:04","guid":{"rendered":"https:\/\/techlance.ddns.net\/?p=973"},"modified":"2024-03-13T08:18:59","modified_gmt":"2024-03-13T06:18:59","slug":"useita-haavoittuvuuksia-charx-sec-latausohjaimissa","status":"publish","type":"post","link":"https:\/\/techlance.ddns.net\/en\/useita-haavoittuvuuksia-charx-sec-latausohjaimissa\/","title":{"rendered":"Useita haavoittuvuuksia CHARX SEC -latausohjaimissa"},"content":{"rendered":"

CHARX SEC -latausohjainten ohjelmistossa on l\u00f6ydetty useita haavoittuvuuksia. Vakavin haavoittuvuus mahdollistaa tunnistamattoman et\u00e4hy\u00f6kk\u00e4\u00e4j\u00e4n muuttaa konfiguraatioita suorittaakseen et\u00e4koodin suorituksen, koska kriittisess\u00e4 toiminnossa puuttuu todentaminen. Valmistaja on k\u00e4sitellyt haavoittuvuudet p\u00e4ivitetyss\u00e4 laiteohjelmistoversiossa.<\/p>\n\n\n\n

Classification: Severe, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 9.8 CVEs: CVE-2024-25995, CVE-2024-26288, CVE-2024-25999, CVE-2024-26002, CVE-2024-26003, CVE-2024-26004, CVE-2024-26001, CVE-2024-25998, CVE-2024-26000, CVE-2024-25994, CVE-2024-25997, CVE-2024-25996, CVE-2024-26005 Multiple vulnerabilities have been discovered in the Firmware of CHARX SEC charge controllers. The most serious vulnerability allows and unauthenticated remote attacker to be able to modify configurations to perform a remote code execution due to a missing authentication for a critical function. The vendor has addressed the vulnerabilities in an updated firmware version.<\/p>\n\n\n\n

https:\/\/cert.vde.com\/en\/advisories\/VDE-2024-011\/<\/a><\/p>","protected":false},"excerpt":{"rendered":"

CHARX SEC -latausohjainten ohjelmistossa on l\u00f6ydetty useita haavoittuvuuksia. Vakavin haavoittuvuus mahdollistaa tunnistamattoman et\u00e4hy\u00f6kk\u00e4\u00e4j\u00e4n muuttaa konfiguraatioita suorittaakseen et\u00e4koodin suorituksen, koska kriittisess\u00e4 […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[9],"tags":[15],"class_list":["post-973","post","type-post","status-publish","format-standard","hentry","category-security","tag-tietoturva"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/techlance.ddns.net\/en\/wp-json\/wp\/v2\/posts\/973","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/techlance.ddns.net\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techlance.ddns.net\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techlance.ddns.net\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/techlance.ddns.net\/en\/wp-json\/wp\/v2\/comments?post=973"}],"version-history":[{"count":0,"href":"https:\/\/techlance.ddns.net\/en\/wp-json\/wp\/v2\/posts\/973\/revisions"}],"wp:attachment":[{"href":"https:\/\/techlance.ddns.net\/en\/wp-json\/wp\/v2\/media?parent=973"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techlance.ddns.net\/en\/wp-json\/wp\/v2\/categories?post=973"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techlance.ddns.net\/en\/wp-json\/wp\/v2\/tags?post=973"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}