Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Missing Validation of Self-Signed Certificates in Altium Designer Allows Man-in-the-Middle Attacks
Vulnerability Description
Altium Designer version 24.9.0 does not validate self-signed server certificates for cloud connections. An attacker capable of performing a man-in-the-middle (MITM) attack could exploit this issue to intercept or manipulate network traffic, potentially exposing authentication credentials or sensitive design data.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Vulnerability Type
证书验证不恰当
Vulnerability Title
Altium Designer 安全漏洞
Vulnerability Description
Altium Designer是美国Altium公司的一个电子设计自动化软件。 Altium Designer 24.9.0版本存在安全漏洞,该漏洞源于未验证云连接的自签名服务器证书,可能导致中间人攻击拦截或操纵网络流量。
CVSS Information
N/A
Vulnerability Type
N/A