1. EXECUTIVE SUMMARY
- CVSS v4 8.7
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Schneider Electric
- Equipment: Modicon M580 PLCs, BMENOR2200H and EVLink Pro AC
- Vulnerability: Incorrect Calculation of Buffer Size
2. RISK EVALUATION
Successful exploitation of this vulnerability could cause a denial-of-service of the product when an unauthenticated user sends a crafted HTTPS packet to the webserver.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of Modicon M580 PLCs, BMENOR2200H and EVLink Pro AC are affected:
- Modicon M580 CPU (part numbers BMEP* and BMEH*, excluding M580 CPU Safety): Versions prior to SV4.30
- Modicon M580 CPU Safety (part numbers BMEP58-S and BMEH58-S): Versions prior to SV4.21
- BMENOR2200H: All versions
- EVLink Pro AC: Versions prior to v1.3.10
3.2 VULNERABILITY OVERVIEW
3.2.1 INCORRECT CALCULATION OF BUFFER SIZE CWE-131
The affected product is vulnerable to an incorrect calculation of buffer size vulnerability which could cause a denial-of-service of the product when an unauthenticated user is sending a crafted HTTPS packet to the webserver.
CVE-2024-11425 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
A CVSS v4 score has also been calculated for CVE-2024-11425. A base score of 8.7 has been calculated; the CVSS vector string is (CVSS:4.0/AV:N/AC:L/AT
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: