CVE-2024-50375

Name of the Vulnerable Software and Affected Versions: Advantech EKI-6333AC-2G versions 1.6.3 and earlier Advantech EKI-6333AC-2GD versions 1.6.3 and earlier Advantech EKI-6333AC-1GPO versions 1.2.1 and earlier

Description: A missing authentication issue for critical functions was discovered, affecting Advantech devices. The vulnerability can be exploited by remote unauthenticated users interacting with the default "edgserver" service. This could allow a remote attacker to impact the confidentiality, integrity, and availability of protected information.

Recommendations: For Advantech EKI-6333AC-2G versions 1.6.3 and earlier, consider disabling the "edgserver" service until a patch is available. For Advantech EKI-6333AC-2GD versions 1.6.3 and earlier, consider disabling the "edgserver" service until a patch is available. For Advantech EKI-6333AC-1GPO versions 1.2.1 and earlier, consider disabling the "edgserver" service until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.