Atop Ehg2408 Firmware
Monthly
Remote code execution in Atop Technologies EHG2408-series industrial Ethernet switches (including the EHG2408 and EHG2408-2SFP firmware) allows unauthenticated attackers to hijack the device's execution flow via a stack-based buffer overflow and run arbitrary code. The flaw was reported through Taiwan's CERT (TWCERT) and carries a CVSS 4.0 base score of 9.3, reflecting fully unauthenticated network exploitation with high confidentiality, integrity, and availability impact. There is no public exploit identified at time of analysis, and the EPSS score is low (0.14%, 34th percentile), suggesting exploitation has not yet been observed at scale.
Remote code execution in Atop Technologies EHG2408-series industrial Ethernet switches (including the EHG2408 and EHG2408-2SFP firmware) allows unauthenticated attackers to hijack the device's execution flow via a stack-based buffer overflow and run arbitrary code. The flaw was reported through Taiwan's CERT (TWCERT) and carries a CVSS 4.0 base score of 9.3, reflecting fully unauthenticated network exploitation with high confidentiality, integrity, and availability impact. There is no public exploit identified at time of analysis, and the EPSS score is low (0.14%, 34th percentile), suggesting exploitation has not yet been observed at scale.