PatchSiren cyber security CVE debrief
CVE-2024-32386 Kerlink CVE debrief
A directory traversal vulnerability was reported in Kerlink Kerlink Wirnet iStation 868 KerOS v.4.3.3_20200803132042. This vulnerability allows a remote attacker to obtain sensitive information via the SNMP update mechanism. The vulnerability has a CVSS score of 7.3 and is classified as HIGH. Users and administrators should be aware of the potential impact of directory traversal attacks, which can lead to unauthorized access to sensitive information. It is essential to review the vulnerability details and plan for necessary updates or mitigations. The CVE record and NVD entry provide further information on the vulnerability.
- Vendor
- Kerlink
- Product
- Wirnet iStation 868 KerOS v.4.3.3_20200803132042
- CVSS
- HIGH 7.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-16
- Original CVE updated
- 2026-07-16
- Advisory published
- 2026-07-16
- Advisory updated
- 2026-07-16
Who should care
Users of Kerlink Wirnet iStation 868 KerOS v.4.3.3_20200803132042 should be aware of this vulnerability and take necessary precautions. Affected operators, platforms, vulnerability-management, and security teams should review the vulnerability and plan vendor-supported updates or mitigations through normal change control where exposure is confirmed.
Technical summary
The vulnerability has a CVSS score of 7.3 and is classified as HIGH. The CVSS vector is CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N. The vulnerability affects Kerlink Kerlink Wirnet iStation 868 KerOS v.4.3.3_20200803132042. Defenders should review the supplied official advisory or CVE record to validate affected scope, severity, and vendor guidance. The vulnerability allows for sensitive information disclosure through directory traversal, and defenders should focus on patching and restricting access to the SNMP update mechanism.
Defensive priority
High priority should be given to patching this vulnerability as it allows for sensitive information disclosure.
Recommended defensive actions
- Apply the patch provided by the vendor
- Restrict access to the SNMP update mechanism
- Monitor for any suspicious activity
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up
- Review compensating controls for exposed systems while remediation is scheduled and verified
- Check relevant monitoring, detection, and logs for exposed assets that need extra review
- Track exceptions, retest remediated assets, and close the item only after evidence is documented
Evidence notes
The CVE record was published on 2026-07-16T21:17:18.547Z and has not been modified since then. The NVD entry is currently Received. The vulnerability affects Kerlink Kerlink Wirnet iStation 868 KerOS v.4.3.3_20200803132042, and defenders should verify the affected scope and vendor guidance.
Official resources
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-16T21:17:18.547Z and has not been modified since then.