CVE-2024-45370 | HackTesting

An authentication bypass vulnerability exists in the User profile management functionality of Socomec Easy Config System 2.6.1.0. A specially crafted database record can lead to unauthorized access. An attacker can modify a local database to trigger this vulnerability.

Credits

Discovered by Kelly Patterson of Cisco Talos.

References

https://talosintelligence.com/vulnerability_reports/TALOS-2024-2117

https://www.socomec.fr/sites/default/files/2025-11/CVE-2024-45370---ECS-2610---CVSS31_VULNERABILITIES_2025-11-19-09-45-29_English_PLURI_3.pdf