PatchSiren cyber security CVE debrief
CVE-2024-21846 Electrolink CVE debrief
CVE-2024-21846 is a medium-severity vulnerability affecting Electrolink FM/DAB/TV transmitters, published on April 16, 2024. An unauthenticated attacker can trigger a denial-of-service condition by sending a specially crafted GET request to the command.cgi gateway, causing the board to reset and stopping transmitter operations. The vulnerability impacts 24 Electrolink transmitter models across DAB, FM, and TV product lines, including compact, medium, high-power, and modular variants ranging from 10W to 40kW output. CISA published advisory ICSA-24-107-02 on the same date as the CVE publication. Electrolink has not responded to CISA's requests to collaborate on mitigation; users are advised to contact Electrolink directly for additional information. The CVSS 3.1 score of 5.3 reflects network accessibility, low attack complexity, no required privileges or user interaction, and low availability impact with no confidentiality or integrity impact.
- Vendor: Electrolink
- Product: 10W Compact DAB Transmitter
- CVSS: MEDIUM 5.3
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-04-16
- Original CVE updated: 2024-04-16
- Advisory published: 2024-04-16
- Advisory updated: 2024-04-16
Who should care
Broadcast operators, critical infrastructure providers using Electrolink transmission equipment, media companies, telecommunications providers, and security teams responsible for OT/ICS environments in broadcast transmission facilities.
Technical summary
The vulnerability exists in the command.cgi gateway of Electrolink FM/DAB/TV transmitters. An unauthenticated remote attacker can send a specially crafted HTTP GET request to this endpoint to trigger a board reset, resulting in immediate cessation of transmitter operations. The attack requires no authentication, no user interaction, and can be executed from the network with low complexity. All 24 affected product variants across DAB, FM, and TV transmitter lines are impacted regardless of firmware version (vers:all/*). The vulnerability represents a single-point-of-failure risk for broadcast operations where these transmitters are deployed.
Defensive priority
medium
Recommended defensive actions
- Contact Electrolink directly for product-specific mitigation guidance, as the vendor has not provided patches or workarounds through CISA coordination
- Restrict network access to Electrolink transmitter management interfaces, particularly the command.cgi gateway, to trusted administrative hosts only
- Monitor for unexpected board resets or transmitter operation stops that may indicate exploitation attempts
- Implement network segmentation to isolate transmitter management interfaces from untrusted networks
- Apply CISA ICS recommended practices for defense-in-depth strategies for industrial control systems
- Review and apply cybersecurity best practices for industrial control systems from CISA guidance
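One way to check the access-restriction and monitoring actions above, as an added example that is not code from this debrief, CISA, or Electrolink: it scans web access logs for command.cgi requests whose source is outside the trusted administrative hosts. It assumes a reverse proxy or firewall in front of the transmitter writes Combined Log Format; the allowlist subnet, URL paths, and sample lines are constructed. It flags any untrusted access to the endpoint, since the debrief does not describe the crafted request itself.

```python
import ipaddress
import re

# Assumption: the management subnet allowed to reach transmitter web interfaces.
TRUSTED_ADMIN_NETS = [ipaddress.ip_network("10.20.30.0/28")]

# Combined Log Format: source, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def is_trusted(src):
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # an unparseable source is treated as untrusted
    return any(addr in net for net in TRUSTED_ADMIN_NETS)

def hits_command_cgi(target):
    # Match on the final path segment only, ignoring query string and case.
    path = target.split("?", 1)[0].lower()
    return path.rsplit("/", 1)[-1] == "command.cgi"

def find_untrusted_command_cgi(lines):
    """Return (timestamp, source, target) for each command.cgi request
    that came from outside the administrative allowlist."""
    alerts = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or not hits_command_cgi(m["target"]):
            continue
        if not is_trusted(m["src"]):
            alerts.append((m["ts"], m["src"], m["target"]))
    return alerts

# Constructed sample log lines (not captured from a real device).
SAMPLE_LOG = [
    '10.20.30.5 - - [16/Apr/2024:09:00:01 +0000] "GET /command.cgi?x=1 HTTP/1.1" 200 12',
    '198.51.100.7 - - [16/Apr/2024:09:03:44 +0000] "GET /command.cgi?x=1 HTTP/1.1" 200 0',
    '198.51.100.7 - - [16/Apr/2024:09:03:50 +0000] "GET /index.html HTTP/1.1" 200 512',
    '203.0.113.9 - - [16/Apr/2024:09:10:02 +0000] "GET /cgi-bin/Command.CGI HTTP/1.1" 502 0',
]

if __name__ == "__main__":
    for ts, src, target in find_untrusted_command_cgi(SAMPLE_LOG):
        print(f"ALERT {ts} untrusted source {src} requested {target}")
```

Correlating the alert timestamps with transmitter off-air or reboot alarms separates probing from requests that coincided with a board reset.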
Evidence notes
Vulnerability description and affected product list derived from CISA CSAF advisory ICSA-24-107-02. Vendor non-response status confirmed in remediation section of source advisory. CVSS vector and score from official CISA CSAF data.
Official resources
- CVE-2024-21846 CVE record (CVE.org)
- CVE-2024-21846 NVD detail (NVD)
- Source item URL (cisa_csaf)
2024-04-16