CVE-2024-3904

Name of the Vulnerable Software and Affected Versions Smart Device Communication Gateway versions 05 through 07

Description The issue allows a local attacker to execute arbitrary code by saving a malicious file to a specific folder. As a result, the attacker may disclose, tamper with, destroy or delete information in the product, or cause a denial-of-service (DoS) condition on the product.

Recommendations For versions 05 through 07, consider restricting access to the specific folder where the malicious file can be saved until a patch is available. As a temporary workaround, avoid using the vulnerable functionality in the Smart Device Communication Gateway until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.