What is CVE-2024-6912?

CVE-2024-6912 is a vulnerability in Perkinelmer Processplus, classified under Use of Hard-coded Credentials. Published 2024-07-22.

Is CVE-2024-6912 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Perkinelmer Processplus

CVE-2024-6912

Use of hard-coded MSSQL credentials in PerkinElmer ProcessPlus on Windows allows an attacker to login remove on all prone installations.This issue affects ProcessPlus: through 1.11.6507.0.

EPSS: 0.003 (50.7th percentile) — read the EPSS interpretation.

Affected products

Perkinelmer Processplus — versions 0

Weakness classification (CWE)

CWE-798 — Use of Hard-coded Credentials

Public proof-of-concept exploits

fkie-cad/nvd-json-data-feeds

References

cyberdanube.com/en/en-multiple-vulnerabilities-in-perten-processplus/ (third-party-advisory)
seclists.org/fulldisclosure/2024/Jul/13

Frequently asked questions

What is CVE-2024-6912?: CVE-2024-6912 is a vulnerability in Perkinelmer Processplus, classified under Use of Hard-coded Credentials. Published 2024-07-22.
Is CVE-2024-6912 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.