CVE-2024-26000

PHOENIX CONTACT: Out of bounds read only memory access

CVSS 5.9 MEDIUMEPSS 0.8%CWE-125

An unauthenticated remote attacker can read memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization.

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Productos afectados

PHOENIX CONTACT · CHARX SEC-3000 PHOENIX CONTACT · CHARX SEC-3050 PHOENIX CONTACT · CHARX SEC-3100 PHOENIX CONTACT · CHARX SEC-3150

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://cert.vde.com/en/advisories/VDE-2024-011