Vulnerabilities > CVE-2024-40395 - Authorization Bypass Through User-Controlled Key vulnerability in PTC Thingworx 9.5.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
An Insecure Direct Object Reference (IDOR) in PTC ThingWorx v9.5.0 allows attackers to view sensitive information, including PII, regardless of access level.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |