PT-2024-7880 · Siemens · Industrial Edge Management

Published: 2024-08-21 · Updated: 2024-09-14 · CVE-2024-45032

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Industrial Edge Management Pro versions prior to V1.9.5
Industrial Edge Management Virtual versions prior to V2.3.1-1

Description

A vulnerability has been identified in the affected components of Industrial Edge Management, which do not properly validate device tokens. This could allow an unauthenticated remote attacker to impersonate other devices onboarded to the system, potentially bypassing security restrictions and gaining unauthorized access to protected information.

Recommendations

For Industrial Edge Management Pro versions prior to V1.9.5, update to version V1.9.5 or later to resolve the issue.
For Industrial Edge Management Virtual versions prior to V2.3.1-1, update to version V2.3.1-1 or later to resolve the issue.
As a temporary workaround, consider restricting access to the system to minimize the risk of exploitation until a patch is available.

Fix

IDOR

Weakness Enumeration

Related Identifiers

BDU:2024-09384
CVE-2024-45032

Affected Products

Industrial Edge Management
Industrial Edge Management Virtual