Back to overview

MB connect line: Multiple Vulnerabilities in MB connect line Products

VDE-2024-068
Last update
03/06/2026 09:00
Published at
10/15/2024 10:00
Vendor(s)
MB connect line GmbH
External ID
VDE-2024-068
CSAF Document
Download

Summary

Multiple vulnerabilities have been discovered in MB connect line products that could allow RCE or unauthorized file access.

CVE-2024-45272 affects the mbCONNECT24 and mymbCONNECT24 products.

CVE-2024-45273 affects the mbNET/mbNET.rokey, mbCONNECT24, mymbCONNECT24, mbNET HW1, and mbSPIDER products.

CVE-2024-45275 affects only the mbNET HW1 product.

Impact

CVE-2024-45272 allows brute-force attacks against remote credentials with a high probability of success.

CVE-2024-45273 allows undetectable tampering and manipulation of encrypted configuration files.

CVE-2024-45275 allow remote code execution with system privileges, resulting in full compromise of the device

Affected Product(s)

Model no. Product name Affected versions
MB connect line mbCONNECT24 Firmware <=2.16.2
MDH 810 (HW01), MDH 811 (HW01), MDH 814 (HW01), MDH 815 (HW01), DH 816 (HW01), DH 819 (HW01), MDH 830 (HW01), MDH 831 (HW01), MDH 834 (HW01) , MDH 835 (HW01), DH 841 (HW01), MDH 849 (HW01), DH 850 EU (HW01), MDH 850 AT&T (HW01), DH 855 EU (HW01), MDH 855 AT&T (HW01), MDH 858 EU (HW01), MDH 858 AT&T (HW01), MDH 859 EU (HW01), MDH 859 AT&T (HW01) mbNET HW1 Firmware <=5.1.11
MDH 811, MDH 816, MDH 831, MDH 835, MDH 841, MDH 850 EU, MDH 850 US, MDH 855 EU, MDH 855 US, MDH 859 EU, MDH 859 US, MDH 871, MDH 876, RKH 210, RKH 216, RKH 235, RKH 259 EU, RKH 259 US mbNET/mbNET.rokey Firmware <=8.2.0
MDH 900, MDH 901, MDH 905, MDH 906, MDH 907, MDH 908, MDH 910, MDH 911, MDH 915, MDH 916, MDH 918 mbSPIDER Firmware <=2.6.5
mymbCONNECT24 Firmware <=2.16.2

Vulnerabilities

Expand / Collapse all

Published
03/06/2026 09:12
Severity
9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness
Use of Hard-coded Credentials (CWE-798)
Summary

The devices contain two hard coded user accounts with hardcoded passwords that allow an unauthenticated remote attacker for full control of the affected devices.

References
cve.org | nvd.nist.gov

Published
03/06/2026 09:12
Severity
8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness
Weak Encoding for Password (CWE-261)
Summary

An unauthenticated local attacker can decrypt the devices config file and therefore compromise the device due to a weak implementation of the encryption used.

References
cve.org | nvd.nist.gov

Published
03/06/2026 09:12
Severity
7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Weakness
Use of Weak Credentials (CWE-1391)
Summary

An unauthenticated remote attacker can perform a brute-force attack on the credentials of the remote service portal with a high chance of success, resulting in connection lost.

References
cve.org | nvd.nist.gov

Remediation

Update mbNET/mbNET.rokey to the version 8.2.1\
Update mbCONNECT24, mymbCONNECT24 to the version 2.16.3\
Note: mbNET HW1 and mbSPIDER are EOL and will not receive any further updates.

Acknowledgments

MB connect line GmbH thanks the following parties for their efforts:

Revision History

Version Date Summary
1.0.0 10/15/2024 10:00 Initial revision.
2.0.0 11/06/2024 12:27 Fix: correct certvde domain, added self-reference
3.0.0 05/14/2025 14:28 Fix: version space
4.0.0 03/06/2026 09:00 Added CVE-2024-45275