The data24 service that is bundled with every installation of mbCONNECT24/mymbCONNECT24 has two serious flaws in core components. These combined can lead to a complete loss of confidentiality, integrity and availability.
Multiple vulnerabilities have been discovered in MB connect line mbNET.mini product allowing for RCE or unauthorized file access.
Multiple vulnerabilities have been discovered in MB connect line products that could allow RCE or unauthorized file access. CVE-2024-45272 affects the mbCONNECT24 and mymbCONNECT24 products, while CVE-2024-45273 affects the mbNET/mbNET.rokey, mbCONNECT24, mymbCONNECT24, mbNET HW1, and mbSPIDER products.
Two vulnerabilites have been discovered in mbCONNECT24 and mbCONNECT24 in all versions through 2.13.3.
An issue was discovered in the mymbCONNECT24 and mbCONNECT24 software in all versions through V2.11.2.
Two issues have been discovered in mymbCONNECT24 and mbCONNECT24 in all versions
including V2.8.0.
Update A, 2022-09-07:
Multiple vulnerabilities have been found in mymbCONNECT24 and mbCONNECT24.
Update A, 2022-09-07:
An issue was discovered in the mymbCONNECT24 and mbCONNECT24 software in all versions through V2.9.0.