CVE-2024-45370

HIGH7.3

An authentication bypass vulnerability exists in the User profile management functionality of Socomec Easy Config System 2

Published Dec 1, 2025

Modified 3 months ago

Details

An authentication bypass vulnerability exists in the User profile management functionality of Socomec Easy Config System 2.6.1.0. A specially crafted database record can lead to unauthorized access. An attacker can modify a local database to trigger this vulnerability.

References

WEB

https://talosintelligence.com/vulnerability_reports/TALOS-2024-2117

ADVISORY

https://www.cve.org/CVERecord?id=CVE-2024-45370

WEB

https://www.socomec.fr/sites/default/files/2025-11/CVE-2024-45370---ECS-2610---CVSS31_VULNERABILITIES_2025-11-19-09-45-29_English_PLURI_3.pdf

WEB

https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2117

CVSS Analysis

CVSS v3.1

7.3