CVE-2024-36059

Name of the Vulnerable Software and Affected Versions Kalkitech ASE ASE61850 IEDSmart versions 2.3.5 and earlier

Description The issue allows attackers to read and write arbitrary files via the IEC61850 File Transfer protocol. This is a result of a Directory Traversal vulnerability.

Recommendations For versions 2.3.5 and earlier, update to a version later than 2.3.5 to resolve the issue. As a temporary workaround, consider restricting access to the IEC61850 File Transfer protocol to minimize the risk of exploitation.