CVE-2024-37649 is a vulnerability classified under CWE-281 (Improper Authentication) affecting SecureSTATION devices version 2.5.5.3116-S50-SMA-B20160811A and earlier. The vulnerability arises from insecure permissions that allow an attacker with physical proximity to the device to modify user credentials without requiring authentication or user interaction. This modification can lead to unauthorized disclosure of sensitive information stored or accessible via the device. The attack vector is physical access, meaning the attacker must be near the device to exploit the vulnerability. The CVSS 3.1 base score is 4.6, reflecting a medium severity due to the limited attack vector but high confidentiality impact. The vulnerability does not affect system integrity or availability, and no known exploits have been reported in the wild as of the publication date. The lack of patch information suggests that vendors or administrators need to implement compensating controls until a fix is available. The vulnerability highlights the importance of secure permission settings and physical security in embedded or network devices like SecureSTATION.

The primary impact of CVE-2024-37649 is the unauthorized disclosure of sensitive information due to the modification of user credentials by an attacker with physical access. This can lead to compromised confidentiality of user data or system configurations. While the vulnerability does not directly affect system integrity or availability, the exposure of credentials can facilitate further unauthorized access or lateral movement within an organization’s network. Organizations relying on SecureSTATION devices in critical infrastructure, telecommunications, or enterprise environments may face increased risk if physical security is insufficient. The medium severity score reflects the balance between the high confidentiality impact and the requirement for physical proximity, limiting the scope of exploitation. However, in environments where devices are deployed in publicly accessible or poorly secured locations, the risk is significantly elevated.

1. Enforce strict physical security controls around SecureSTATION devices to prevent unauthorized physical access, including locked enclosures and surveillance. 2. Regularly audit user credentials and access logs to detect unauthorized modifications promptly. 3. Implement network segmentation to limit the impact of compromised credentials and restrict access to sensitive systems. 4. Monitor device configurations and permissions for unexpected changes, using automated tools where possible. 5. Engage with the vendor for updates or patches addressing this vulnerability and apply them promptly once available. 6. Consider deploying tamper-evident seals or intrusion detection mechanisms on devices to alert on physical tampering attempts. 7. Train personnel on the importance of physical security and the risks associated with device access. 8. If patching is delayed, consider temporary compensating controls such as disabling unused interfaces or restricting device management access to trusted personnel only.