cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-11999,https://securityvulnerability.io/vulnerability/CVE-2024-11999,Third-Party Component Vulnerability in Schneider Electric HMI Products,"CVE-2024-11999 is a critical vulnerability categorized as CWE-1104, related to the use of unmaintained third-party components in Schneider Electric's HMI products. This issue allows authenticated users to execute malicious code, potentially granting them complete control over the device. If successfully exploited, attackers could manipulate device functions, leading to unauthorized access and severe operational risks. Organizations using affected versions must take preventive action to secure their HMI systems against this risk. Comprehensive patching and adopting stringent security measures are essential to mitigate potential outcomes.",Schneider Electric,"Harmony (formerly Magelis) Hmist6, Hmistm6, Hmig3u, Hmig3x, Hmisto7 Series With Ecostruxure Operator Terminal Expert Runtime,Pfxst6000, Pfxstm6000, Pfxsp5000, Pfxgp4100 Series With Pro-face Blue Runtime",8.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-12-17T06:13:00.636Z,0