Socomec Easy Config System CVE-2024-45370 Authentication Bypass via SQLite Manipulation

Critical Vulnerability Information Report Number: TALOS-2024-2117 Vulnerability Name: Socomec Easy Config System User profile management authentication bypass vulnerability CVE ID: CVE-2024-45370 Date: December 1, 2025 Summary An authentication bypass vulnerability exists in the user profile management functionality of Socomec Easy Config System 2.6.1.0. This can be triggered by specially crafted database records, leading to unauthorized access. Attackers can modify the local database to exploit this vulnerability. Verified Affected Versions Socomec Easy Config System 2.6.1.0 Product URL Easy Config System - https://www.socomec.us/en-us/easy-config-system-software CVSSv3 Score 7.3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N CWE CWE-302 - Authentication Bypass by Assumption of Unchanged Data Details The Easy Config System configuration software allows users to configure Socomec measurement and load break devices while viewing all electrical quantities in real time. It offers features such as automatic detection of connected products and simultaneous configuration of multiple devices. Configuration can be performed locally via USB cable or remotely over an Ethernet network, eliminating the need for on-site configuration. The software includes two documented user profiles: User and Administrator, as well as an undocumented profile named Socomec. Based on the currently logged-in user profile, the application restricts available configuration options. The application relies on a local SQLite database, which is accessed when the user login prompt is displayed. This database contains password hashes for each user profile and a field indicating whether a password is required for login, named . An attacker with system access can modify the database file to set the field to 0, thereby disabling the password requirement for a specific user account. This allows the attacker to select any desired user profile without providing a password. Vendor Response Vendor advisory: https://www.socomec.fr/s sites/default/files/2025-11/CVE-2024-45370 ECS-2610 CVSS31 VULNERABILITIES_2025-11-19-09-45 29_English PLURL 3.pdf Timeline January 13, 2025: Vendor disclosure November 19, 2025: Vendor patch release December 1, 2025: Public disclosure Acknowledgments Discovered by Kelly Patterson of Cisco Talos.

Goal Reached Thanks to every supporter — we hit 100%!

Socomec Easy Config System CVE-2024-45370 Authentication Bypass via SQLite Manipulation