CVE-2024-55024

9.8 CRITICAL

📋 TL;DR

An authentication bypass vulnerability in Weintek cMT-3072XH2 HMI devices allows unauthorized attackers to perform administrative actions using service accounts. This affects industrial control systems using these devices with vulnerable software versions. Attackers can gain administrative privileges without proper authentication.

💻 Affected Systems

Products:
  • Weintek cMT-3072XH2
Versions: easyweb v2.1.53, OS v20231011
Operating Systems: Weintek OS
Default Config Vulnerable: ⚠️ Yes
Notes: Devices with the specified software versions are vulnerable regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete compromise of industrial control systems, unauthorized configuration changes, disruption of manufacturing processes, potential safety incidents, and data exfiltration.

🟠 Likely Case: Unauthorized administrative access leading to configuration changes, operational disruption, and potential data manipulation in industrial environments.

🟢 If Mitigated: Limited impact if devices are isolated in segmented networks with strict access controls and monitoring.

🌐 Internet-Facing: HIGH - Devices exposed to internet are directly vulnerable to remote exploitation without authentication.
🏢 Internal Only: HIGH - Internal attackers or compromised internal systems can exploit this vulnerability to gain administrative control.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public proof-of-concept demonstrates exploitation. The vulnerability allows bypassing authentication mechanisms to access administrative functions.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch available. Monitor Weintek security advisories for updates. Consider workarounds and mitigation strategies.

🔧 Temporary Workarounds

Network Segmentation (scope: all)
Isolate Weintek devices in separate network segments with strict firewall rules

Access Control Lists (scope: all)
Implement strict IP-based access controls to limit connections to authorized management systems only

🧯 If You Can't Patch

  • Implement network segmentation to isolate vulnerable devices from untrusted networks
  • Deploy intrusion detection systems to monitor for unauthorized access attempts
  • Implement strict access controls and authentication mechanisms at the network perimeter
  • Regularly monitor device logs for suspicious authentication attempts

🔍 How to Verify

Check if Vulnerable:

Check device software version via web interface or device configuration. Vulnerable if running easyweb v2.1.53 with OS v20231011.

Check Version:

Check via device web interface or configuration tools. No standard CLI command available.

Verify Fix Applied:

Verify that the software version has been updated to a patched version (when available) and test the authentication mechanisms.

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized authentication attempts
  • Service account usage from unexpected IPs
  • Administrative actions from non-admin accounts

Network Indicators:

  • HTTP requests to administrative endpoints without proper authentication
  • Traffic to service account endpoints from unauthorized sources

SIEM Query:

source="weintek-device" AND ((event_type="authentication" AND result="failure") OR (event_type="admin_action" AND user="service_account"))
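As an added example (not code from this advisory or from Weintek), the Python script below applies the log and network indicators above to constructed sample records: it scopes to source="weintek-device" as the SIEM query does, counts authentication failures per source IP, flags administrative actions performed by service accounts or by accounts that are not known administrators, and flags any service-account activity from outside an assumed authorized management subnet (the allowlist that the IP-based ACL workaround describes). The JSON field names (event_type, result, user, src_ip, action), the account names and the 10.10.5.0/24 subnet are assumptions; real device or syslog output will need a field mapping.

```python
"""Added example, not code from the advisory or from Weintek: apply the log and
network indicators for CVE-2024-55024 to constructed sample records.
Assumed: JSON-per-line records with fields source, event_type, result, user,
src_ip and action; real HMI/syslog output will need a field mapping."""
import ipaddress
import json
from collections import defaultdict

# Assumed: the only subnet from which management access should originate
# (the allowlist that the IP-based ACL workaround describes).
AUTHORIZED_MGMT_NETS = [ipaddress.ip_network("10.10.5.0/24")]
# Assumed account names; substitute the device's real service/admin accounts.
SERVICE_ACCOUNTS = {"service_account"}
ADMIN_ACCOUNTS = {"hmi_admin"}
# Alert once a single source reaches this many failed logins.
FAILED_AUTH_THRESHOLD = 3

# Constructed sample records (not real device output).
SAMPLE_LOG = """\
{"ts":"2024-12-01T08:00:01Z","source":"weintek-device","event_type":"authentication","user":"hmi_admin","src_ip":"10.10.5.20","result":"success"}
{"ts":"2024-12-01T08:00:05Z","source":"weintek-device","event_type":"authentication","user":"admin","src_ip":"198.51.100.7","result":"failure"}
{"ts":"2024-12-01T08:00:06Z","source":"weintek-device","event_type":"authentication","user":"admin","src_ip":"198.51.100.7","result":"failure"}
{"ts":"2024-12-01T08:00:07Z","source":"weintek-device","event_type":"authentication","user":"admin","src_ip":"198.51.100.7","result":"failure"}
{"ts":"2024-12-01T08:00:09Z","source":"weintek-device","event_type":"admin_action","user":"service_account","src_ip":"198.51.100.7","action":"change_config"}
{"ts":"2024-12-01T08:01:00Z","source":"weintek-device","event_type":"admin_action","user":"operator1","src_ip":"10.10.5.31","action":"reboot"}
{"ts":"2024-12-01T08:02:00Z","source":"other-device","event_type":"admin_action","user":"service_account","src_ip":"203.0.113.9","action":"change_config"}
"""


def parse_records(text):
    """Parse JSON-per-line records, skipping blank lines."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def is_authorized_source(ip):
    """True if ip falls inside one of the authorized management subnets."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in AUTHORIZED_MGMT_NETS)


def detect(records):
    """Return (indicator, src_ip, user) tuples in the order they fire."""
    alerts = []
    failures = defaultdict(int)
    for r in records:
        # Scope to the HMI, as the source="weintek-device" filter in the SIEM query does.
        if r.get("source") != "weintek-device":
            continue
        user, ip, etype = r.get("user"), r.get("src_ip"), r.get("event_type")

        # Network indicator: service-account usage from an unexpected IP,
        # regardless of the event type.
        if user in SERVICE_ACCOUNTS and not is_authorized_source(ip):
            alerts.append(("service_account_from_unexpected_ip", ip, user))

        # Log indicator: repeated failed authentication from one source.
        if etype == "authentication" and r.get("result") == "failure":
            failures[ip] += 1
            if failures[ip] == FAILED_AUTH_THRESHOLD:
                alerts.append(("repeated_auth_failure", ip, user))
        # Log indicator: administrative actions by service or non-admin accounts.
        elif etype == "admin_action":
            if user in SERVICE_ACCOUNTS:
                alerts.append(("service_account_admin_action", ip, user))
            elif user not in ADMIN_ACCOUNTS:
                alerts.append(("admin_action_by_non_admin", ip, user))
    return alerts


if __name__ == "__main__":
    for indicator, ip, user in detect(parse_records(SAMPLE_LOG)):
        print(f"ALERT {indicator}: user={user} src_ip={ip}")
```

On the constructed sample the script raises four alerts: three failed logins from 198.51.100.7, a service-account administrative action from that same unauthorized address (which also trips the unexpected-IP indicator), and a reboot issued by operator1, who is not in the admin allowlist. The record from "other-device" is ignored, matching the source filter in the SIEM query.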
