# CVE-2024-2617

> A vulnerability exists in the RTU500 that allows for authenticated and authorized users to bypass secure update, if secure update feature was not enabled on all CMUs of a RTU500. If a malicious actor successfully exploits this vulnerability, they could use it to update the RTU500 with unsigned firmware.

- **CVSS:** 7.2 (HIGH)
- **EPSS:** 0.0%
- **CWE:** CWE-358

Canonical: https://intel.threadlinqs.com/cve/CVE-2024-2617
Full threat coverage + IOCs via the Threadlinqs MCP server (Purple tier): https://intel.threadlinqs.com/mcp