{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-29T18:51:51.533","vulnerabilities":[{"cve":{"id":"CVE-2024-31856","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2024-05-15T20:15:11.710","lastModified":"2025-07-30T00:20:33.280","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An attacker with certain MQTT permissions can create malicious messages \nto all CyberPower PowerPanel devices. This could result in an attacker injecting \nSQL syntax, writing arbitrary files to the system, and executing remote \ncode."},{"lang":"es","value":"Un atacante con ciertos permisos MQTT puede crear mensajes maliciosos para todos los dispositivos CyberPower PowerPanel. Esto podría provocar que un atacante inyecte sintaxis SQL, escriba archivos arbitrarios en el sistema y ejecute código remoto."}],"metrics":{"cvssMetricV31":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cyberpower:powerpanel:*:*:*:*:business:windows:*:*","versionEndIncluding":"4.9.0","matchCriteriaId":"63016483-EF5A-42FE-BBC2-D7E66C24B9B1"}]}]}],"references":[{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-24-123-01","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_windows#downloads","source":"ics-cert@hq.dhs.gov","tags":["Product"]},{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-24-123-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_windows#downloads","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}}]}