PatchSiren cyber security CVE debrief
CVE-2024-9692 VIMESA CVE debrief
CVE-2024-9692 is a medium-severity denial-of-service vulnerability affecting the VIMESA VHF/FM Transmitter Blue Plus (version 9.7.1). Published on October 24, 2024, this vulnerability allows unauthenticated remote attackers to restart transmitter operations by sending an unauthorized HTTP GET request to the unprotected 'doreboot' endpoint. The CVSS 3.1 score of 5.3 reflects network accessibility, low attack complexity, no required privileges or user interaction, and low availability impact with no confidentiality or integrity impact. This vulnerability poses particular concern for broadcast infrastructure operators, as successful exploitation could disrupt FM radio transmission services without requiring authentication. CISA has noted that VIMESA has not responded to coordination requests to develop mitigations, leaving users dependent on direct vendor engagement for remediation guidance.
- Vendor: VIMESA
- Product: VHF/FM Transmitter Blue Plus
- CVSS: MEDIUM 5.3
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-10-24
- Original CVE updated: 2024-10-24
- Advisory published: 2024-10-24
- Advisory updated: 2024-10-24
Who should care
Broadcast engineering teams operating VIMESA FM transmission equipment, critical infrastructure security teams managing radio broadcast systems, network security architects designing segmentation for media and entertainment operational technology environments, and regulatory compliance officers responsible for FCC-licensed broadcast facility security.
Technical summary
The VIMESA VHF/FM Transmitter Blue Plus exposes an unprotected HTTP endpoint at 'doreboot' that processes GET requests without authentication. Remote attackers can trigger this endpoint to initiate a system reboot, causing denial of service by interrupting FM broadcast transmission operations. The vulnerability is network-exploitable with no prerequisites, making it accessible to any attacker with network reachability to the device management interface. No confidentiality or integrity impacts are associated with this vulnerability; the sole impact is availability degradation through forced restart.
Defensive priority
medium
Recommended defensive actions
- Contact VIMESA directly for security updates or mitigation guidance, as the vendor has not coordinated with CISA on fixes
- Restrict network access to the transmitter's management interface to authorized administrative hosts only
- Implement network segmentation to isolate broadcast transmission equipment from general enterprise networks
- Monitor for unauthorized HTTP GET requests to endpoints containing 'doreboot' or similar system control functions
- Apply defense-in-depth strategies for industrial control systems per CISA guidance
- Review and strengthen authentication requirements for all administrative endpoints on broadcast infrastructure equipment
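The monitoring and access-restriction actions above can be combined into one check: flag every GET whose path contains 'doreboot' and rate it by whether the client sits in the management allowlist. This is an added example, not code from the advisory or from VIMESA; the access-log format, the /doreboot path, the 10.20.30.0/28 allowlist and the sample lines are all constructed assumptions.

```python
"""Detection sketch for CVE-2024-9692 style reboot requests (added example).

Flags HTTP GET requests whose path contains 'doreboot'; requests from outside an
assumed management allowlist are rated high, allowlisted ones informational.
"""
import ipaddress
import re
from typing import Dict, List

# Assumed: management hosts permitted to reach the transmitter's web interface.
ADMIN_ALLOWLIST = [ipaddress.ip_network("10.20.30.0/28")]

# Assumed common-log-style line: client_ip - - [timestamp] "METHOD path HTTP/x" status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

def is_admin_host(ip: str) -> bool:
    """True when the client address lies inside the management allowlist."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in ADMIN_ALLOWLIST)

def analyze(lines: List[str]) -> List[Dict[str, str]]:
    """Return one finding per GET to a 'doreboot' path, with a severity label."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line; a real pipeline would count these
        path = m["path"].split("?", 1)[0].lower()  # ignore query string
        if m["method"] != "GET" or "doreboot" not in path:
            continue
        severity = "info" if is_admin_host(m["ip"]) else "high"
        findings.append({"ip": m["ip"], "ts": m["ts"], "path": m["path"], "severity": severity})
    return findings

# Constructed sample lines; 203.0.113.0/24 is reserved documentation address space.
SAMPLE_LOG = [
    '10.20.30.5 - - [24/Oct/2024:10:01:02 +0000] "GET /status HTTP/1.1" 200',
    '10.20.30.5 - - [24/Oct/2024:10:05:00 +0000] "GET /doreboot HTTP/1.1" 200',
    '203.0.113.77 - - [24/Oct/2024:10:06:14 +0000] "GET /doreboot?x=1 HTTP/1.1" 200',
    '203.0.113.77 - - [24/Oct/2024:10:06:15 +0000] "POST /login HTTP/1.1" 401',
]

if __name__ == "__main__":
    for f in analyze(SAMPLE_LOG):
        print(f"{f['severity'].upper():5} {f['ts']} {f['ip']} GET {f['path']}")
```

Running it on the sample yields one informational finding for the allowlisted host and one high-severity finding for the external client.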
Evidence notes
Vulnerability details sourced from CISA CSAF advisory ICSA-24-298-01. Affected product confirmed as VIMESA VHF/FM Transmitter Blue Plus version 9.7.1. CVSS vector confirmed as AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L. Vendor non-response to CISA coordination documented in remediation section of source advisory.
Official resources
- CVE-2024-9692 CVE record (CVE.org)
- CVE-2024-9692 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
2024-10-24