CVE-2024-46602
Published: 07 January 2025
Summary
CVE-2024-46602 is a high-severity Improper Restriction of XML External Entity Reference (CWE-611) vulnerability in Elspec-Ltd G5Dfr Firmware. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 20.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2024-46602 is an XML External Entity (XXE) vulnerability affecting the Elspec G5 digital fault recorder in version 1.2.1.12 and earlier. The flaw, classified under CWE-611, enables an attacker to process a crafted XML payload that triggers a Denial of Service (DoS) condition. It received a CVSS v3.1 base score of 7.5, reflecting high severity due to its network accessibility and availability impact.
The vulnerability can be exploited by any unauthenticated attacker with network access to the affected device, requiring low complexity and no user interaction. Successful exploitation disrupts device availability by causing a DoS, with no reported impacts on confidentiality or integrity.
For mitigation details, refer to the vendor's security advisory at https://www.elspec-ltd.com/support/security-advisories. The CVE was published on 2025-01-07.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-42197
Vulnerability details
An issue was discovered in Elspec G5 digital fault recorder version 1.2.1.12 and earlier. An XML External Entity (XXE) vulnerability may allow an attacker to cause a Denial of Service (DoS) via a crafted XML payload.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
XXE flaw in network-exposed device directly enables unauthenticated exploitation of public-facing application (T1190) to trigger endpoint DoS via crafted XML (T1499.004).
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly addresses remediation of the specific XXE flaw in the Elspec G5 by identifying, patching, and testing updates per vendor advisory.
Enforces validation of crafted XML payloads to prevent external entity processing that triggers the DoS condition.
Limits the effects of DoS caused by successful XXE exploitation through traffic monitoring and rejection of prohibitive communications.