Vulnerability Details CVE-2024-6596
An unauthenticated remote attacker can run malicious c# code included in curve files and execute commands in the users context.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.1%
CVSS Severity
CVSS v3 Score 9.8
Products affected by CVE-2024-6596
-
cpe:2.3:a:endress:echo_curve_viewer:-
-
cpe:2.3:a:endress:echo_curve_viewer:5.2.2.6
-
cpe:2.3:a:endress:fieldcare_sfe500_package:-
-
cpe:2.3:a:endress:fieldcare_sfe500_package:1.40.00.7448
-
cpe:2.3:h:endress:field_xpert_smt50:-
-
cpe:2.3:h:endress:field_xpert_smt70:-
-
cpe:2.3:h:endress:field_xpert_smt77:-
-
cpe:2.3:h:endress:field_xpert_smt79:-
-
cpe:2.3:o:endress:field_xpert_smt50_firmware:-
-
cpe:2.3:o:endress:field_xpert_smt70_firmware:-
-
cpe:2.3:o:endress:field_xpert_smt77_firmware:-
-
cpe:2.3:o:endress:field_xpert_smt79_firmware:-