CVE-2024-45790

9.8 CRITICAL

📋 TL;DR

This vulnerability allows remote attackers to perform brute force attacks against user passwords in Reedos aiM-Star version 2.0.1 due to missing rate limiting on failed authentication attempts. Attackers can gain unauthorized access to user accounts by systematically guessing passwords. Organizations using the vulnerable version of this software are affected.

💻 Affected Systems

Products:
  • Reedos aiM-Star
Versions: 2.0.1
Operating Systems: Not specified
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the API-based login functionality specifically.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of all user accounts, leading to data theft, system takeover, and lateral movement within the network.

🟠 Likely Case

Compromise of weak or reused passwords, unauthorized access to user accounts, and potential data exfiltration.

🟢 If Mitigated

Limited impact with proper monitoring and alerting on failed login attempts, though risk remains without patching.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Brute force attacks are well-understood and easy to automate with tools like Hydra or Burp Suite.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not specified

Vendor Advisory: https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0291

Restart Required: No

Instructions:

Monitor vendor for updates. Apply patch when available. No specific patching instructions provided in the reference.

🔧 Temporary Workarounds

Implement Rate Limiting

Applies to: all

Configure rate limiting on authentication endpoints to restrict failed login attempts. Implementation depends on the deployment environment (e.g., web server or application firewall configuration).
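As an added illustration of the rate-limiting workaround (example code, not part of this advisory or of the vendor's product): a sliding-window limiter for failed authentication attempts keyed on both the source IP and the target account, so that tripping the limit on one account also blocks attempts against that account from other addresses. The thresholds are assumed values, not figures from the advisory.

```python
import time
from collections import defaultdict, deque

# Constructed example thresholds (assumptions, not values from the advisory).
MAX_FAILURES = 5        # failures tolerated inside one window
WINDOW_SECONDS = 300    # length of the sliding window
LOCKOUT_SECONDS = 900   # how long a key stays blocked after tripping


class FailedAuthLimiter:
    """Tracks failed logins per source IP and per account independently."""

    def __init__(self, max_failures=MAX_FAILURES, window=WINDOW_SECONDS,
                 lockout=LOCKOUT_SECONDS):
        self.max_failures = max_failures
        self.window = window
        self.lockout = lockout
        self._failures = defaultdict(deque)   # key -> failure timestamps
        self._locked_until = {}               # key -> unlock time

    def _prune(self, key, now):
        # Drop failures that have aged out of the sliding window.
        q = self._failures[key]
        while q and now - q[0] > self.window:
            q.popleft()

    def is_blocked(self, ip, user, now=None):
        """True if either the source IP or the account is currently locked."""
        now = time.time() if now is None else now
        for key in (("ip", ip), ("user", user)):
            until = self._locked_until.get(key)
            if until is not None:
                if now < until:
                    return True
                del self._locked_until[key]   # lockout has expired

        return False

    def record_failure(self, ip, user, now=None):
        """Register a failed login; lock the key once the threshold is hit."""
        now = time.time() if now is None else now
        for key in (("ip", ip), ("user", user)):
            self._prune(key, now)
            self._failures[key].append(now)
            if len(self._failures[key]) >= self.max_failures:
                self._locked_until[key] = now + self.lockout
                self._failures[key].clear()

    def record_success(self, ip, user):
        """A correct password clears the account's counter, never the IP's."""
        self._failures.pop(("user", user), None)
```

Call `is_blocked` before checking credentials and `record_failure` after each rejected attempt; keeping the IP counter across successes prevents one correct guess from resetting a spraying source.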

Use Strong Password Policies

Applies to: all

Enforce complex passwords and regular rotation to reduce brute force effectiveness.

🧯 If You Can't Patch

  • Monitor logs for excessive failed login attempts and alert on suspicious patterns.
  • Isolate the vulnerable system behind a firewall or WAF with brute force protection rules.

🔍 How to Verify

Check if Vulnerable:

Check whether the installed Reedos aiM-Star version is 2.0.1 and test the API login endpoint for missing rate limiting on failed attempts.

Check Version:

Check application documentation or interface for version information.

Verify Fix Applied:

Verify patch application by checking version and testing that failed login attempts are now rate-limited.

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed login attempts from single IP or user account in short timeframes.

Network Indicators:

  • High volume of POST requests to login endpoints from suspicious sources.

SIEM Query:

source="aim-star" AND event="login_failed" | stats count by src_ip, user | where count > 10
