- What is the severity of CVE-2024-23492?
- CVE-2024-23492 has been scored as a medium severity vulnerability.
- How to fix CVE-2024-23492?
- To fix CVE-2024-23492: Although this is an end-of-life product, Commend has created new firmware version WS-CM 2.0 https://clibrary-online.commend.com/ to address the first two issues. The new firmware can be loaded via the program "IP Station Config". To install the firmware, follow the instructions below: * Log in to the Commend web-portal. * Download and extract the "Terminals Software Package". * In "IP Station Config", select the stations to be updated in the table. * Go to: Menu Station > Firmware Download * Select the file "WS-CM 2.0.geh" from the folder "WS-CM" and click on the button Open. For additional information, please visit CSA-2024-42 on Commend's cybersecurity website. https://clibrary-online.commend.com/en/cyber-security/security-advisories.html
- Is CVE-2024-23492 being actively exploited in the wild?
- As for now, there are no information to confirm that CVE-2024-23492 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
- What software or system is affected by CVE-2024-23492?
- CVE-2024-23492 affects Commend WS203VICM.