CVE-2024-26001

PHOENIX CONTACT: Out of bounds write only memory access

CVSS 7.4 HIGHEPSS 0.9%CWE-787

An unauthenticated remote attacker can write memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization.

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H

Produtos afetados

PHOENIX CONTACT · CHARX SEC-3000 PHOENIX CONTACT · CHARX SEC-3050 PHOENIX CONTACT · CHARX SEC-3100 PHOENIX CONTACT · CHARX SEC-3150

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://cert.vde.com/en/advisories/VDE-2024-011