CVE-2024-5951 is a vulnerability affecting Deep Sea Electronics DSE855 devices, specifically version 1.1.0, where the web-based user interface lacks authentication for a critical function—factory reset. This missing authentication (CWE-306) allows an attacker with network adjacency to invoke the factory reset functionality without any credentials or user interaction. The vulnerability arises because the device's web UI does not enforce authentication checks before permitting access to this sensitive operation. Exploiting this flaw results in a denial-of-service condition by resetting the device to factory defaults, which can disrupt device availability and potentially cause operational downtime. The vulnerability has a CVSS 3.0 base score of 7.1, reflecting high severity due to its impact on availability (A:H), no required privileges (PR:N), no user interaction (UI:N), and low attack complexity (AC:L). Although no public exploits have been reported yet, the ease of exploitation and critical impact on device operation make this a significant threat. The DSE855 is commonly used in industrial and power generation environments, where device availability is crucial. The vulnerability was identified and published by the Zero Day Initiative (ZDI) under the identifier ZDI-CAN-23173. No patches or firmware updates have been released at the time of publication, emphasizing the need for interim mitigations.

The primary impact of CVE-2024-5951 is denial of service through unauthorized factory reset of affected DSE855 devices. This can cause operational disruptions in environments relying on these devices for power generation control, industrial automation, or critical infrastructure management. The loss of device configuration and forced reset can lead to downtime, loss of monitoring and control capabilities, and potential safety risks if backup systems or manual overrides are not in place. Since no authentication is required, attackers with network access can easily exploit this vulnerability, increasing the risk of targeted attacks or accidental disruptions. Organizations worldwide using DSE855 devices in critical roles may face service interruptions, financial losses, and reputational damage. The vulnerability does not directly impact confidentiality but compromises integrity and availability, which are vital for operational technology environments. The lack of known exploits currently limits immediate widespread impact, but the threat remains significant due to the device's role and the vulnerability's characteristics.

To mitigate CVE-2024-5951, organizations should implement the following specific measures: 1) Immediately restrict network access to the DSE855 web interface by placing devices behind firewalls or network segmentation controls limiting access to trusted management networks only. 2) Disable or block access to the factory reset functionality if possible through device configuration or by restricting HTTP methods and URLs associated with this function. 3) Monitor network traffic and device logs for unusual or unauthorized reset attempts to detect exploitation attempts early. 4) Employ VPNs or secure management channels to access device interfaces, reducing exposure to network-adjacent attackers. 5) Engage with Deep Sea Electronics for firmware updates or patches addressing this vulnerability and plan for timely deployment once available. 6) Implement physical security controls to prevent unauthorized local access to devices. 7) Develop and test incident response plans to quickly recover from potential device resets, including backup configurations and rapid reconfiguration procedures. These targeted actions go beyond generic advice by focusing on access control, monitoring, and operational preparedness specific to the DSE855 environment.