Sign-up

ID

VAR-202509-4250


TITLE

Wuxi Xinjie Electric Co., Ltd.'s XLH-24A16 has a binary vulnerability

Trust: 0.6

sources: CNVD: CNVD-2025-22800

DESCRIPTION

The XLH-24A16 is a slim programmable controller. The XLH-24A16 from Wuxi Xinjie Electric Co., Ltd. contains a binary vulnerability that could allow attackers to bypass authentication and log into the system.

Trust: 0.6

sources: CNVD: CNVD-2025-22800

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-22800

AFFECTED PRODUCTS

vendor:wuxi xinjie electricmodel:xlh-24a16scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2025-22800

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2025-22800
value: LOW

Trust: 0.6

CNVD: CNVD-2025-22800
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:P/I:N/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2025-22800

EXTERNAL IDS

db:CNVDid:CNVD-2025-22800

Trust: 0.6

sources: CNVD: CNVD-2025-22800

SOURCES

db:CNVDid:CNVD-2025-22800

LAST UPDATE DATE

2025-10-16T23:48:15.725000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-22800date:2025-09-29T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-22800date:2025-09-14T00:00:00