PT-2024-19573 · Tormach · Pathpilot Controller+1
Irfan Ahmed
+1
·
Published
2024-04-22
·
Updated
2025-09-15
·
CVE-2024-22813
CVSS v3.1
4.4
Medium
| Vector | AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Tormach xsTECH CNC Router, PathPilot Controller version 2.9.6
Description
The issue allows attackers to overwrite the hardcoded IP address in the device memory, disrupting network connectivity between the router and the controller.
Recommendations
For version 2.9.6, consider restricting access to the device memory to prevent overwriting of the hardcoded IP address until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Using Hardcoded Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Pathpilot Controller
Tormach Xstech Cnc Router