CVE-2024-24955 - Vulnerability Details - OpenCVE

Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these vulnerabilities.This CVE tracks the arbitrary null-byte write vulnerability located in firmware 1.2.10.9 of the P3-550E at offset `0xb69fc`.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact total

Vendors	Products
Automationdirect	P3-550e P3-550e Firmware

Configuration 1 [-]

AND

cpe:2.3:o:automationdirect:p3-550e_firmware:1.2.10.9:*:*:*:*:*:*:*

cpe:2.3:h:automationdirect:p3-550e:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://talosintelligence.com/vulnerability_reports/TALOS-2024-1938
https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1938

History

Thu, 13 Feb 2025 18:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Wed, 12 Feb 2025 19:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Automationdirect Automationdirect p3-550e Automationdirect p3-550e Firmware
CPEs		cpe:2.3:h:automationdirect:p3-550e:-:::::::* cpe:2.3:o:automationdirect:p3-550e_firmware:1.2.10.9:::::::*
Vendors & Products		Automationdirect Automationdirect p3-550e Automationdirect p3-550e Firmware

MITRE

Status: PUBLISHED

Assigner: talos

Published: 2024-05-28T15:30:17.194Z

Updated: 2025-02-13T17:40:38.321Z

Reserved: 2024-02-01T20:30:06.287Z

Link: CVE-2024-24955

Vulnrichment

Updated: 2024-08-01T23:36:21.461Z

NVD

Status : Analyzed

Published: 2024-05-28T16:15:14.107

Modified: 2025-02-12T18:31:05.193

Link: CVE-2024-24955

Redhat

No data.

{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-24955", "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "state": "PUBLISHED", "assignerShortName": "talos", "dateReserved": "2024-02-01T20:30:06.287Z", "datePublished": "2024-05-28T15:30:17.194Z", "dateUpdated": "2025-02-13T17:40:38.321Z"}, "containers": {"cna": {"affected": [{"vendor": "AutomationDirect", "product": "P3-550E", "versions": [{"version": "1.2.10.9", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these vulnerabilities.This CVE tracks the arbitrary null-byte write vulnerability located in firmware 1.2.10.9 of the P3-550E at offset `0xb69fc`."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-787: Out-of-bounds Write", "type": "CWE", "cweId": "CWE-787"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH"}}], "providerMetadata": {"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos", "dateUpdated": "2024-06-10T16:12:12.294Z"}, "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1938", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1938"}, {"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1938"}], "credits": [{"lang": "en", "value": "Discovered by Matt Wiseman of Cisco Talos."}]}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-24955", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-05-29T00:52:15.615573Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:automationdirect:p3-550e_firmware:1.2.10.9:*:*:*:*:*:*:*"], "vendor": "automationdirect", "product": "p3-550e_firmware", "versions": [{"status": "affected", "version": "1.2.10.9"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:43:27.339Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T23:36:21.461Z"}, "title": "CVE Program Container", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1938", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1938", "tags": ["x_transferred"]}, {"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1938", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1938", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1938", "tags": ["x_transferred"]}, {"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1938", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T23:36:21.461Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-24955", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-05-29T00:52:15.615573Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:automationdirect:p3-550e_firmware:1.2.10.9:*:*:*:*:*:*:*"], "vendor": "automationdirect", "product": "p3-550e_firmware", "versions": [{"status": "affected", "version": "1.2.10.9"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-29T00:52:26.564Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"credits": [{"lang": "en", "value": "Discovered by Matt Wiseman of Cisco Talos."}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "AutomationDirect", "product": "P3-550E", "versions": [{"status": "affected", "version": "1.2.10.9"}]}], "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1938", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1938"}, {"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1938"}], "descriptions": [{"lang": "en", "value": "Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these vulnerabilities.This CVE tracks the arbitrary null-byte write vulnerability located in firmware 1.2.10.9 of the P3-550E at offset `0xb69fc`."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "CWE-787: Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos", "dateUpdated": "2024-06-10T16:12:12.294Z"}}}, "cveMetadata": {"cveId": "CVE-2024-24955", "state": "PUBLISHED", "dateUpdated": "2025-02-13T17:40:38.321Z", "dateReserved": "2024-02-01T20:30:06.287Z", "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "datePublished": "2024-05-28T15:30:17.194Z", "assignerShortName": "talos"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:automationdirect:p3-550e_firmware:1.2.10.9:*:*:*:*:*:*:*", "matchCriteriaId": "4A393F14-3BD3-44DE-B06F-9235AB62C68F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:automationdirect:p3-550e:-:*:*:*:*:*:*:*", "matchCriteriaId": "5086EF1F-C3CE-4B5F-A352-67CE332A6C4F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these vulnerabilities.This CVE tracks the arbitrary null-byte write vulnerability located in firmware 1.2.10.9 of the P3-550E at offset `0xb69fc`."}, {"lang": "es", "value": "Existen varias vulnerabilidades de escritura fuera de los l\u00edmites en la funcionalidad API del sistema de archivos de conexi\u00f3n del software de programaci\u00f3n de AutomationDirect P3-550E 1.2.10.9. Los paquetes de red especialmente manipulados pueden provocar da\u00f1os en la memoria del mont\u00f3n. Un atacante puede enviar paquetes maliciosos para activar estas vulnerabilidades. Este CVE rastrea la vulnerabilidad de escritura arbitraria de bytes nulos ubicada en el firmware 1.2.10.9 del P3-550E en el desplazamiento `0xb69fc`."}], "id": "CVE-2024-24955", "lastModified": "2025-02-12T18:31:05.193", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.2, "source": "talos-cna@cisco.com", "type": "Secondary"}]}, "published": "2024-05-28T16:15:14.107", "references": [{"source": "talos-cna@cisco.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1938"}, {"source": "talos-cna@cisco.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1938"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1938"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1938"}], "sourceIdentifier": "talos-cna@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "talos-cna@cisco.com", "type": "Secondary"}]}