• 1 (current)
  • 2

The data24 service that is bundled with every installation of mbCONNECT24/mymbCONNECT24 has two serious flaws in core components. These combined can lead to a complete loss of confidentiality, integrity and availability.



Multiple vulnerabilities have been discovered in MB connect line mbNET.mini product allowing for RCE or unauthorized file access.



Multiple vulnerabilities have been discovered in MB connect line products that could allow RCE or unauthorized file access. CVE-2024-45272 affects the mbCONNECT24 and mymbCONNECT24 products, while CVE-2024-45273 affects the mbNET/mbNET.rokey, mbCONNECT24, mymbCONNECT24, mbNET HW1, and mbSPIDER products.



Two vulnerabilites have been discovered in mbCONNECT24 and mbCONNECT24 in all versions through 2.13.3.



An issue was discovered in the mymbCONNECT24 and mbCONNECT24 software in all versions through V2.11.2.



Two issues have been discovered in mymbCONNECT24 and mbCONNECT24 in all versions
including V2.8.0.

Update A, 2022-09-07:

  • Updated affected versions (and solution) due to incomplete fixes in previous versions



Multiple vulnerabilities have been found in mymbCONNECT24 and mbCONNECT24.

Update A, 2022-09-07:

  • Affected Products: updated affected versions due to incomplete fixes of some CVEs. See Solution for details.
  • Solution: updated version information.
  • Solution: Added Fix for CVE-2020-35561.
  • Solution: Added MFA remark for CVE-2020-35565.



An issue was discovered in the mymbCONNECT24 and mbCONNECT24 software in all versions through V2.9.0.



  • 1 (current)
  • 2

Feeds

By Vendor

Archive

2025
2024
2023
2022
2021
2020
2019
2018
2017

Legend

(Scoring for CVSS 2.0,3.0+3.1)
None
No CVE available
Low
0.1 <= 3.9
Medium
4.0 <= 6.9
High
7.0 <= 8.9
Critical
9.0 <= 10.0