PatchSiren cyber security CVE debrief
CVE-2024-42408 Dorsett Controls CVE debrief
A vulnerability in Dorsett Controls InfoScan allows a network-based attacker to intercept client download page traffic through a proxy, exposing filenames present on the system and potentially enabling further information disclosure. The issue affects InfoScan versions 1.32, 1.33, and 1.35; a fix is available in version 1.38 or later. CISA published this advisory on August 8, 2024 as ICSA-24-221-01. The vulnerability carries a CVSS 3.1 score of 5.3 (Medium severity) with a vector of AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N: a network-accessible, low-complexity attack that requires no privileges or user interaction and results in a low confidentiality impact only, with no integrity or availability impact.
- Vendor: Dorsett Controls
- Product: InfoScan
- CVSS: MEDIUM 5.3
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-08-08
- Original CVE updated: 2024-08-08
- Advisory published: 2024-08-08
- Advisory updated: 2024-08-08
Who should care
Organizations operating Dorsett Controls InfoScan systems in industrial control or building automation environments, particularly those with external network connectivity or insufficient network segmentation that could enable proxy-based interception of client-server communications.
Technical summary
The InfoScan client download page serves content that can be intercepted by a proxy positioned between the client and the server, exposing filenames located on the target system. Knowledge of the file structure is an information disclosure weakness that could facilitate reconnaissance for additional attacks against the host. The vulnerability is remotely exploitable without authentication and requires no user interaction; the CVSS vector rates the direct impact as a low confidentiality loss only.
Defensive priority
medium
Recommended defensive actions
- Update InfoScan to version 1.38 or later through the System Prefs > Maintenance > Install Now workflow
- If internet access is unavailable, download the update from the Dorsett Controls Customer Portal InfoScan Update tile and follow portal instructions
- Review network segmentation for InfoScan systems to limit proxy-based interception opportunities
- Monitor for unauthorized proxy usage or unexpected filename disclosure in network traffic
- Apply CISA ICS recommended practices for defense-in-depth security controls
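The first two actions above reduce to one question for an operator: which deployed InfoScan instances are still below 1.38? The following triage helper is an added example for this debrief, not PatchSiren, Dorsett Controls or CISA code. It compares reported version strings numerically rather than lexicographically (a plain string compare would rank "1.4" above "1.38"), treats the versions the advisory names (1.32, 1.33, 1.35) as confirmed affected, and treats any other release below 1.38 as needing the update because the advisory only documents those three as tested. The inventory and hostnames are constructed sample data.

```python
"""Triage an InfoScan inventory against CVE-2024-42408 / ICSA-24-221-01.

Added example for this debrief; not vendor or CISA code.
Assumptions: versions are dotted numerics, optionally prefixed with 'v'
(e.g. "1.35", "v1.4"); anything below the fixed release 1.38 is treated as
needing the update even when not named in the advisory.
"""
import re

# Versions the advisory explicitly lists as affected, and the fixed release.
AFFECTED_VERSIONS = {"1.32", "1.33", "1.35"}
FIXED_VERSION = "1.38"

_VERSION_RE = re.compile(r"\s*v?(\d+(?:\.\d+)*)\s*")


def parse_version(text):
    """Turn '1.38' into (1, 38) so comparison is numeric per segment.

    A string comparison would wrongly rank '1.4' below '1.38'.
    Raises ValueError for strings that are not dotted numerics.
    """
    m = _VERSION_RE.fullmatch(text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(part) for part in m.group(1).split("."))


def classify(version):
    """Return 'fixed', 'affected', 'update' or 'unknown' for one version string."""
    try:
        v = parse_version(version)
    except ValueError:
        return "unknown"          # reported version cannot be parsed; check by hand
    if v >= parse_version(FIXED_VERSION):
        return "fixed"            # 1.38 or later carries the vendor fix
    if any(v == parse_version(a) for a in AFFECTED_VERSIONS):
        return "affected"         # explicitly named in ICSA-24-221-01
    return "update"               # older than 1.38 but not named; assume it needs the fix


# Constructed sample inventory: (hostname, version string as reported by the host).
INVENTORY = [
    ("bms-infoscan-01", "1.35"),
    ("bms-infoscan-02", "1.38"),
    ("bms-infoscan-03", "v1.4"),
    ("bms-infoscan-04", "1.32"),
    ("bms-infoscan-05", "n/a"),
]


def triage(inventory):
    """Map each hostname to its classification."""
    return {host: classify(version) for host, version in inventory}


if __name__ == "__main__":
    for host, status in sorted(triage(INVENTORY).items()):
        print(f"{host:18} {status}")
```

Hosts reported as "affected" or "update" go through the System Prefs > Maintenance > Install Now workflow (or the offline portal download); "unknown" entries need a manual version check before they are marked clean.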
Evidence notes
The vulnerability description and remediation guidance are sourced from CISA CSAF advisory ICSA-24-221-01. Affected product versions (1.32, 1.33, 1.35) and the fixed version (1.38) are explicitly documented in the vendor's security bulletin referenced within the advisory.
Official resources
- CVE-2024-42408 CVE record (CVE.org)
- CVE-2024-42408 NVD detail (NVD)
- Source item URL: cisa_csaf
CISA disclosed this vulnerability on August 8, 2024 via ICS advisory ICSA-24-221-01. The vendor has released InfoScan version 1.38 to address the issue.