CVE-2024-25972 in OET-213H-BTS1
Summary
by MITRE • 03/01/2024
Initialization of a resource with an insecure default vulnerability in OET-213H-BTS1 sold in Japan by Atsumi Electric Co., Ltd. allows a network-adjacent unauthenticated attacker to configure and control the affected product.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Analysis
by VulDB Data Team • 04/15/2026
The vulnerability identified as CVE-2024-25972 represents a critical security flaw in the OET-213H-BTS1 network device manufactured by Atsumi Electric Co., Ltd. This device is specifically sold in the Japanese market and suffers from an insecure default configuration that exposes it to unauthorized network access. The vulnerability stems from improper initialization of system resources during the device's boot process or configuration phase, creating a persistent security weakness that affects the device's operational integrity and network security posture.
This initialization flaw falls under the CWE-20 category of "Improper Input Validation" and specifically relates to CWE-768 "Incorrect Shortest Path" and CWE-311 "Missing Encryption of Sensitive Data". The device's default settings fail to properly secure critical system components, allowing an attacker who can access the network adjacent to the device to gain unauthorized control over its configuration parameters. The vulnerability's network-adjacent nature means that an attacker does not require physical access or complex attack vectors, but rather simply needs to be on the same network segment as the vulnerable device.
The operational impact of this vulnerability is significant as it allows an unauthenticated attacker to completely compromise the device's functionality. Network-adjacent attackers can manipulate the device's configuration settings, potentially redirecting network traffic, altering security policies, or disabling critical network functions. This compromise can lead to man-in-the-middle attacks, network disruption, or serve as a stepping stone for further attacks within the network infrastructure. The device's role in network operations makes it a valuable target for attackers seeking to establish persistent access or cause service disruption.
Security professionals should implement immediate mitigations including network segmentation to isolate the vulnerable device from critical network segments, disabling unnecessary network services, and applying firmware updates when available. The ATT&CK framework's T1071.004 technique of "Application Layer Protocol: DNS" and T1566.001 "Phishing: Spearphishing Attachment" may be relevant for defending against exploitation attempts. Organizations should also conduct network discovery to identify all instances of this device and establish monitoring for unusual configuration changes or network behavior that might indicate exploitation attempts. Regular security audits and vulnerability assessments should be performed to ensure that similar insecure default configurations do not exist in other network equipment.