Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-35295

A vulnerability has been identified in Perfect Harmony GH180 (All versions >= V8.0 < V8.3.3 with NXGPro+ controller manufactured between April 2020 to April 2025). The maintenance connection of affected devices fails to protect access to the device's control unit configuration. This could allow an attacker with physical access to the maintenance connection's door port to perform arbitrary configuration changes.

Published

2025-06-11T07:15:24.273

Last Modified

2025-06-12T16:06:20.180

Status

Awaiting Analysis

Source

[email protected]

Severity

CVSSv3.1: 6.1 (MEDIUM)

Weaknesses

Type: Secondary
CWE-306

Affected Vendors & Products

References

https://cert-portal.siemens.com/productcert/html/ssa-771113.html ([email protected])
https://www.innomotics.com/hub/en/ISA-771113 ([email protected])