CVE-2024-28878— IOSIX IO-1020 Micro ELD Download of Code Without Integrity Check
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-28878
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
IOSIX IO-1020 Micro ELD Download of Code Without Integrity Check
Source: NVD (National Vulnerability Database)
Vulnerability Description
IO-1020 Micro ELD downloads source code or an executable from an adjacent location and executes the code without sufficiently verifying the origin or integrity of the code.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
下载代码缺少完整性检查
Source: NVD (National Vulnerability Database)
Vulnerability Title
IO-1020 Micro ELD 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
IOSiX IO-1020 Micro ELD是美国IOSiX公司的一种电子日志设备。 IO-1020 Micro ELD 360之前版本存在安全漏洞,该漏洞源于无需充分验证代码的来源或完整性就可以从相邻位置下载源代码或可执行文件。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| IOSiX | IO-1020 Micro ELD | 0 ~ 360 | - |
II. Public POCs for CVE-2024-28878
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-28878
请登录查看更多情报信息。
Same Patch Batch · IOSiX · 2024-04-12 · 3 CVEs total
| CVE-2024-30210 | 7.4 HIGH | IOSIX IO-1020 Micro ELD Use of Default Credentials |
| CVE-2024-31069 | 7.4 HIGH | IOSIX IO-1020 Micro ELD Use of Default Credentials |
IV. Related Vulnerabilities
Same weakness: CWE-494
- CVE-2026-42249
Remote Code Execution in Ollama via Update Mechanism - CVE-2026-42248
Missing Signature Verification for Updates in Ollama - CVE-2026-40066
Anviz Products Download of Code Without Integrity Check - CVE-2026-3428
ASUS Member Center 安全漏洞 - CVE-2026-34841
Axios npm Supply Chain Incident Impacting @usebruno/cli
V. Comments for CVE-2024-28878
No comments yet