Common Weakness Enumeration

CWE-121

Allowed

Stack-based Buffer Overflow

Abstraction: Variant · Status: Draft

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

5213 vulnerabilities reference this CWE, most recent first.

CVE-2024-41882 (GCVE-0-2024-41882)

Vulnerability from cvelistv5 – Published: 2024-12-24 05:35 – Updated: 2025-10-01 01:55
VLAI
Title
Stack based buffer overflow
Summary
Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR. An attacker can cause a stack overflow by entering large data into URL parameters, which will result in a system reboot. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
Vendor Product Version
Hanwha Vision Co., Ltd. XRN-420S Affected: 5.01.62 and prior versions
Create a notification for this product.
Date Public
2024-12-24 05:31
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-41882",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-24T15:23:10.542245Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-24T15:23:22.072Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "XRN-420S",
          "vendor": "Hanwha Vision Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "5.01.62 and prior versions"
            }
          ]
        }
      ],
      "datePublic": "2024-12-24T05:31:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003e\u003cdiv\u003eTeam ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR.\u003cspan style=\"background-color: var(--wht);\"\u003e\u0026nbsp;An attacker can cause a stack overflow by entering large data into URL parameters, which will result in a system reboot.\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e\u0026nbsp;The manufacturer has released patch firmware for the flaw, please refer to the manufacturer\u0027s report for details and workarounds.\u003c/span\u003e\u003c/div\u003e\u003c/div\u003e"
            }
          ],
          "value": "Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR.\u00a0An attacker can cause a stack overflow by entering large data into URL parameters, which will result in a system reboot.\u00a0The manufacturer has released patch firmware for the flaw, please refer to the manufacturer\u0027s report for details and workarounds."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121 Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-01T01:55:06.444Z",
        "orgId": "fc9afe74-3f80-4fb7-a313-e6f036a89882",
        "shortName": "Hanwha_Vision"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.hanwhavision.com/wp-content/uploads/2024/12/NVR-Vulnerability-Report-CVE-2024-4188241887.pdf"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Stack based buffer overflow",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "fc9afe74-3f80-4fb7-a313-e6f036a89882",
    "assignerShortName": "Hanwha_Vision",
    "cveId": "CVE-2024-41882",
    "datePublished": "2024-12-24T05:35:11.310Z",
    "dateReserved": "2024-07-23T00:24:03.860Z",
    "dateUpdated": "2025-10-01T01:55:06.444Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-41852 (GCVE-0-2024-41852)

Vulnerability from cvelistv5 – Published: 2024-08-14 15:05 – Updated: 2024-08-16 04:02
VLAI
Title
Adobe Indesign 2024 AVI File Parsing Stack Based Buffer Overflow
Summary
InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-121 - Stack-based Buffer Overflow (CWE-121)
Assigner
References
Impacted products
Vendor Product Version
Adobe InDesign Desktop Affected: 0 , ≤ ID18.5.2 (semver)
Create a notification for this product.
adobe indesign Affected: 0 , ≤ 19.4 (semver)
Affected: 0 , ≤ 18.5.2 (semver)
    cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*
Create a notification for this product.
Date Public
2024-08-13 17:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "affected",
            "product": "indesign",
            "vendor": "adobe",
            "versions": [
              {
                "lessThanOrEqual": "19.4",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              },
              {
                "lessThanOrEqual": "18.5.2",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-41852",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-15T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-16T04:02:00.072Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "InDesign Desktop",
          "vendor": "Adobe",
          "versions": [
            {
              "lessThanOrEqual": "ID18.5.2",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "datePublic": "2024-08-13T17:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "availabilityRequirement": "NOT_DEFINED",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "confidentialityRequirement": "NOT_DEFINED",
            "environmentalScore": 7.8,
            "environmentalSeverity": "HIGH",
            "exploitCodeMaturity": "NOT_DEFINED",
            "integrityImpact": "HIGH",
            "integrityRequirement": "NOT_DEFINED",
            "modifiedAttackComplexity": "LOW",
            "modifiedAttackVector": "LOCAL",
            "modifiedAvailabilityImpact": "HIGH",
            "modifiedConfidentialityImpact": "HIGH",
            "modifiedIntegrityImpact": "HIGH",
            "modifiedPrivilegesRequired": "NONE",
            "modifiedScope": "NOT_DEFINED",
            "modifiedUserInteraction": "REQUIRED",
            "privilegesRequired": "NONE",
            "remediationLevel": "NOT_DEFINED",
            "reportConfidence": "NOT_DEFINED",
            "scope": "UNCHANGED",
            "temporalScore": 7.8,
            "temporalSeverity": "HIGH",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "Stack-based Buffer Overflow (CWE-121)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-14T15:05:45.620Z",
        "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "shortName": "adobe"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://helpx.adobe.com/security/products/indesign/apsb24-56.html"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Adobe Indesign 2024 AVI File Parsing Stack Based Buffer Overflow"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
    "assignerShortName": "adobe",
    "cveId": "CVE-2024-41852",
    "datePublished": "2024-08-14T15:05:45.620Z",
    "dateReserved": "2024-07-22T17:16:40.937Z",
    "dateUpdated": "2024-08-16T04:02:00.072Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-41170 (GCVE-0-2024-41170)

Vulnerability from cvelistv5 – Published: 2024-09-10 09:36 – Updated: 2024-09-10 15:08
VLAI
Summary
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0015), Tecnomatix Plant Simulation V2404 (All versions < V2404.0004). The affected applications contain a stack based overflow vulnerability while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-121 - Stack-based Buffer Overflow
Assigner
Impacted products
Vendor Product Version
Siemens Tecnomatix Plant Simulation V2302 Affected: 0 , < V2302.0015 (custom)
Create a notification for this product.
Siemens Tecnomatix Plant Simulation V2404 Affected: 0 , < V2404.0004 (custom)
Create a notification for this product.
siemens tecnomatix_plant_simulation Affected: 2302.0 , < 2302.0015 (custom)
Affected: 2404.0 , < 2404.0004 (custom)
    cpe:2.3:a:siemens:tecnomatix_plant_simulation:*:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:siemens:tecnomatix_plant_simulation:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "tecnomatix_plant_simulation",
            "vendor": "siemens",
            "versions": [
              {
                "lessThan": "2302.0015",
                "status": "affected",
                "version": "2302.0",
                "versionType": "custom"
              },
              {
                "lessThan": "2404.0004",
                "status": "affected",
                "version": "2404.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-41170",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:04:15.592651Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-10T15:08:25.467Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Tecnomatix Plant Simulation V2302",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2302.0015",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Tecnomatix Plant Simulation V2404",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2404.0004",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions \u003c V2302.0015), Tecnomatix Plant Simulation V2404 (All versions \u003c V2404.0004). The affected applications contain a stack based overflow vulnerability while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        {
          "cvssV4_0": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121: Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-10T09:36:44.999Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-427715.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2024-41170",
    "datePublished": "2024-09-10T09:36:44.999Z",
    "dateReserved": "2024-07-17T09:39:41.088Z",
    "dateUpdated": "2024-09-10T15:08:25.467Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-41166 (GCVE-0-2024-41166)

Vulnerability from cvelistv5 – Published: 2025-02-12 21:20 – Updated: 2025-02-13 19:46
VLAI
Summary
Stack-based buffer overflow in some Intel(R) PROSet/Wireless WiFi and Killerâ„¢ WiFi software for Windows before version 23.80 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • Denial of Service
  • CWE-121 - Stack-based Buffer Overflow
Assigner
Impacted products
Vendor Product Version
n/a Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software for Windows Affected: before version 23.80
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-41166",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-13T19:46:47.656960Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-13T19:46:54.348Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software for Windows",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "before version 23.80"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in some Intel(R) PROSet/Wireless WiFi and Killer\u00e2\u201e\u00a2 WiFi software for Windows before version 23.80 may allow an unauthenticated user to potentially enable denial of service via adjacent access."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "cvssV4_0": {
            "attackComplexity": "HIGH",
            "attackRequirements": "PRESENT",
            "attackVector": "ADJACENT",
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of Service",
              "lang": "en"
            },
            {
              "cweId": "CWE-121",
              "description": "Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-12T21:20:07.730Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01224.html",
          "url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01224.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2024-41166",
    "datePublished": "2025-02-12T21:20:07.730Z",
    "dateReserved": "2024-07-17T03:00:05.100Z",
    "dateUpdated": "2025-02-13T19:46:54.348Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-40723 (GCVE-0-2024-40723)

Vulnerability from cvelistv5 – Published: 2024-08-02 10:27 – Updated: 2024-08-02 16:05
VLAI
Title
CHANGING Information Technology HWATAIServiSign Windows Version - Stack-based Buffer Overflow
Summary
The specific API in HWATAIServiSign Windows Version from CHANGING Information Technology does not properly validate the length of server-side inputs. When a user visits a spoofed website, unauthenticated remote attackers can cause a stack-based buffer overflow in the HWATAIServiSign, temporarily disrupting its service.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
Date Public
2024-08-02 10:19
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-40723",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-02T16:05:44.639654Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-02T16:05:52.255Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "HWATAIServiSign Windows Version",
          "vendor": "CHANGING Information Technology",
          "versions": [
            {
              "lessThan": "1.0.24.0219",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2024-08-02T10:19:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe specific API in HWATAIServiSign Windows Version from CHANGING Information Technology does not properly validate the length of server-side inputs. When a user visits a spoofed website, unauthenticated remote attackers can cause a stack-based buffer overflow in the HWATAIServiSign, temporarily disrupting its service.\u003c/span\u003e"
            }
          ],
          "value": "The specific API in HWATAIServiSign Windows Version from CHANGING Information Technology does not properly validate the length of server-side inputs. When a user visits a spoofed website, unauthenticated remote attackers can cause a stack-based buffer overflow in the HWATAIServiSign, temporarily disrupting its service."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121 Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-02T10:27:07.987Z",
        "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
        "shortName": "twcert"
      },
      "references": [
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.twcert.org.tw/tw/cp-132-7968-ce2ef-1.html"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.twcert.org.tw/en/cp-139-7974-0562f-2.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate to version 1.0.24.0219 or later.\u003c/span\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "Update to version 1.0.24.0219 or later."
        }
      ],
      "source": {
        "advisory": "TVN-202407018",
        "discovery": "EXTERNAL"
      },
      "title": "CHANGING Information Technology HWATAIServiSign Windows Version - Stack-based Buffer Overflow",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
    "assignerShortName": "twcert",
    "cveId": "CVE-2024-40723",
    "datePublished": "2024-08-02T10:27:07.987Z",
    "dateReserved": "2024-07-09T03:30:54.517Z",
    "dateUpdated": "2024-08-02T16:05:52.255Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-40722 (GCVE-0-2024-40722)

Vulnerability from cvelistv5 – Published: 2024-08-02 10:18 – Updated: 2024-08-02 14:02
VLAI
Title
CHANGING Information Technology TCBServiSign Windows Version - Stack-based Buffer Overflow
Summary
The specific API in TCBServiSign Windows Version from CHANGING Information Technology does does not properly validate the length of server-side input. When a user visits a spoofed website, unauthenticated remote attackers can cause a stack-based buffer overflow in the TCBServiSign, temporarily disrupting its service.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
Date Public
2024-08-02 10:15
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-40722",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-02T13:54:06.558865Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-02T14:02:50.759Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "TCBServiSign Windows Version",
          "vendor": "CHANGING Information Technology",
          "versions": [
            {
              "lessThan": "1.0.24.0318",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2024-08-02T10:15:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe specific API in TCBServiSign Windows Version from CHANGING Information Technology does does not properly validate the length of server-side input. When a user visits a spoofed website, unauthenticated remote attackers can cause a stack-based buffer overflow in the TCBServiSign, temporarily disrupting its service.\u003c/span\u003e"
            }
          ],
          "value": "The specific API in TCBServiSign Windows Version from CHANGING Information Technology does does not properly validate the length of server-side input. When a user visits a spoofed website, unauthenticated remote attackers can cause a stack-based buffer overflow in the TCBServiSign, temporarily disrupting its service."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121 Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-02T10:18:36.629Z",
        "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
        "shortName": "twcert"
      },
      "references": [
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.twcert.org.tw/tw/cp-132-7967-9efdf-1.html"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.twcert.org.tw/en/cp-139-7973-e10c6-2.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate to version 1.0.24.0318 or later.\u003c/span\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "Update to version 1.0.24.0318 or later."
        }
      ],
      "source": {
        "advisory": "TVN-202407017",
        "discovery": "EXTERNAL"
      },
      "title": "CHANGING Information Technology TCBServiSign Windows Version - Stack-based Buffer Overflow",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
    "assignerShortName": "twcert",
    "cveId": "CVE-2024-40722",
    "datePublished": "2024-08-02T10:18:36.629Z",
    "dateReserved": "2024-07-09T03:30:54.517Z",
    "dateUpdated": "2024-08-02T14:02:50.759Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-39950 (GCVE-0-2024-39950)

Vulnerability from cvelistv5 – Published: 2024-07-31 03:45 – Updated: 2025-09-30 03:39
VLAI
Summary
A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities to initiate device initialization.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-121 - Stack-based Buffer Overflow
  • CWE-20 - Improper Input Validation
Assigner
Impacted products
Vendor Product Version
Dahua NVR4XXX and IPC-HX8XXX Affected: NVR4XXX and IPC-HX8XXX Versions which Build time before 2024/1/22
Create a notification for this product.
dahuasecurity nvr4832-i Affected: 0 , < 2024.2.2 (custom)
    cpe:2.3:h:dahuasecurity:nvr4216-i:-:*:*:*:*:*:*:*
    cpe:2.3:h:dahuasecurity:nvr4416-16p-4ks2\/i:-:*:*:*:*:*:*:*
    cpe:2.3:h:dahuasecurity:nvr4416-4ks2\/i:-:*:*:*:*:*:*:*
    cpe:2.3:h:dahuasecurity:nvr4432-16p-4ks2\/i:-:*:*:*:*:*:*:*
    cpe:2.3:h:dahuasecurity:nvr4432-4ks2\/i:-:*:*:*:*:*:*:*
    cpe:2.3:h:dahuasecurity:nvr4432-i:-:*:*:*:*:*:*:*
    cpe:2.3:h:dahuasecurity:nvr4816-16p-4ks2\/i:-:*:*:*:*:*:*:*
    cpe:2.3:h:dahuasecurity:nvr4816-4ks2\/i:-:*:*:*:*:*:*:*
    cpe:2.3:h:dahuasecurity:nvr4832-16p-4ks2\/i:-:*:*:*:*:*:*:*
    cpe:2.3:h:dahuasecurity:nvr4832-4ks2\/i:-:*:*:*:*:*:*:*
    cpe:2.3:h:dahuasecurity:nvr4832-i:-:*:*:*:*:*:*:*
Create a notification for this product.
dahuasecurity ipc-hf8xxx_firmware Affected: 0 , < 2024.2.2 (custom)
    cpe:2.3:o:dahuasecurity:ipc-hf8xxx_firmware:-:*:*:*:*:*:*:*
Create a notification for this product.
dahuasecurity ipc-hfw8xxx Affected: 0 , < 2024.2.2 (custom)
    cpe:2.3:h:dahuasecurity:ipc-hfw8xxx:-:*:*:*:*:*:*:*
Create a notification for this product.
Date Public
2024-07-31 03:42
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:dahuasecurity:nvr4216-i:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:dahuasecurity:nvr4416-16p-4ks2\\/i:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:dahuasecurity:nvr4416-4ks2\\/i:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:dahuasecurity:nvr4432-16p-4ks2\\/i:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:dahuasecurity:nvr4432-4ks2\\/i:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:dahuasecurity:nvr4432-i:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:dahuasecurity:nvr4816-16p-4ks2\\/i:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:dahuasecurity:nvr4816-4ks2\\/i:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:dahuasecurity:nvr4832-16p-4ks2\\/i:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:dahuasecurity:nvr4832-4ks2\\/i:-:*:*:*:*:*:*:*",
              "cpe:2.3:h:dahuasecurity:nvr4832-i:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "nvr4832-i",
            "vendor": "dahuasecurity",
            "versions": [
              {
                "lessThan": "2024.2.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:dahuasecurity:ipc-hf8xxx_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ipc-hf8xxx_firmware",
            "vendor": "dahuasecurity",
            "versions": [
              {
                "lessThan": "2024.2.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:h:dahuasecurity:ipc-hfw8xxx:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ipc-hfw8xxx",
            "vendor": "dahuasecurity",
            "versions": [
              {
                "lessThan": "2024.2.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-39950",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-31T15:04:00.945009Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-20",
                "description": "CWE-20 Improper Input Validation",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-31T19:12:46.084Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "NVR4XXX and IPC-HX8XXX",
          "vendor": "Dahua",
          "versions": [
            {
              "status": "affected",
              "version": "NVR4XXX and IPC-HX8XXX Versions which Build time\u00a0before 2024/1/22"
            }
          ]
        }
      ],
      "datePublic": "2024-07-31T03:42:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities to initiate device initialization."
            }
          ],
          "value": "A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities to initiate device initialization."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121: Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-30T03:39:46.118Z",
        "orgId": "79ee569e-7d1e-4364-98f0-3a18e2a739ad",
        "shortName": "dahua"
      },
      "references": [
        {
          "url": "https://www.dahuasecurity.com/aboutUs/trustedCenter/details/768"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79ee569e-7d1e-4364-98f0-3a18e2a739ad",
    "assignerShortName": "dahua",
    "cveId": "CVE-2024-39950",
    "datePublished": "2024-07-31T03:45:12.977Z",
    "dateReserved": "2024-07-05T03:08:11.185Z",
    "dateUpdated": "2025-09-30T03:39:46.118Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-39880 (GCVE-0-2024-39880)

Vulnerability from cvelistv5 – Published: 2024-07-09 21:21 – Updated: 2025-08-27 20:42
VLAI
Title
Stack-based Buffer Overflow in Delta Electronics CNCSoft-G2
Summary
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-121 - STACK-BASED BUFFER OVERFLOW CWE-121
Assigner
References
Impacted products
Vendor Product Version
Delta Electronics CNCSoft-G2 Affected: 2.0.0.5
Create a notification for this product.
delta_electronics cncsoft-g2 Affected: 2.0.0.5
    cpe:2.3:a:delta_electronics:cncsoft-g2:2.0.0.5:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Bobby Gould and Fritz Sands of Trend Micro Zero Day Initiative reported these vulnerabilities to CISA.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:delta_electronics:cncsoft-g2:2.0.0.5:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "cncsoft-g2",
            "vendor": "delta_electronics",
            "versions": [
              {
                "status": "affected",
                "version": "2.0.0.5"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-39880",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-10T13:58:44.937267Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-27T20:42:57.877Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:33:11.485Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "government-resource",
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-191-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "CNCSoft-G2",
          "vendor": "Delta Electronics",
          "versions": [
            {
              "status": "affected",
              "version": "2.0.0.5"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Bobby Gould and Fritz Sands of Trend Micro Zero Day Initiative reported these vulnerabilities to CISA."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDelta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process.\u003c/span\u003e"
            }
          ],
          "value": "Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "ACTIVE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "STACK-BASED BUFFER OVERFLOW CWE-121",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-09T23:12:00.978Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "government-resource"
          ],
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-191-01"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDelta Electronics recommends users update to \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://downloadcenter.deltaww.com/en-US/DownloadCenter?v=1\u0026amp;q=cncsoft\u0026amp;sort_expr=cdate\u0026amp;sort_dir=DESC\"\u003eCNCSoft-G2 V2.1.0.10\u003c/a\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;or later.\u003c/span\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "Delta Electronics recommends users update to  CNCSoft-G2 V2.1.0.10 https://downloadcenter.deltaww.com/en-US/DownloadCenter \u00a0or later."
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Stack-based Buffer Overflow in Delta Electronics CNCSoft-G2",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2024-39880",
    "datePublished": "2024-07-09T21:21:47.678Z",
    "dateReserved": "2024-07-01T18:13:23.097Z",
    "dateUpdated": "2025-08-27T20:42:57.877Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-39791 (GCVE-0-2024-39791)

Vulnerability from cvelistv5 – Published: 2024-08-08 19:36 – Updated: 2024-08-21 20:05
VLAI
Title
Vonets WiFi Bridges Stack-based Buffer Overflow
Summary
Stack-based buffer overflow vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to execute arbitrary code.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-121 - Stack-based Buffer Overflow
Assigner
Impacted products
Vendor Product Version
Vonets VAR1200-H Affected: 0 , ≤ 3.3.23.6.9 (custom)
Create a notification for this product.
Vonets VAR1200-L Affected: 0 , ≤ 3.3.23.6.9 (custom)
Create a notification for this product.
Vonets VAR600-H Affected: 0 , ≤ 3.3.23.6.9 (custom)
Create a notification for this product.
Vonets VAP11AC Affected: 0 , ≤ 3.3.23.6.9 (custom)
Create a notification for this product.
Vonets VAP11G-500S Affected: 0 , ≤ 3.3.23.6.9 (custom)
Create a notification for this product.
Vonets VBG1200 Affected: 0 , ≤ 3.3.23.6.9 (custom)
Create a notification for this product.
Vonets VAP11S-5G Affected: 0 , ≤ 3.3.23.6.9 (custom)
Create a notification for this product.
Vonets VAP11S Affected: 0 , ≤ 3.3.23.6.9 (custom)
Create a notification for this product.
Vonets VAR11N-300 Affected: 0 , ≤ 3.3.23.6.9 (custom)
Create a notification for this product.
Vonets VAP11G-300 Affected: 0 , ≤ 3.3.23.6.9 (custom)
Create a notification for this product.
Vonets VAP11N-300 Affected: 0 , ≤ 3.3.23.6.9 (custom)
Create a notification for this product.
Vonets VAP11G Affected: 0 , ≤ 3.3.23.6.9 (custom)
Create a notification for this product.
Vonets VAP11G-500 Affected: 0 , ≤ 3.3.23.6.9 (custom)
Create a notification for this product.
Vonets VGA-1000 Affected: 0 , ≤ 3.3.23.6.9 (custom)
Create a notification for this product.
vonets var1200-h_firmware Affected: 0 , ≤ 3.3.23.6.9 (custom)
    cpe:2.3:o:vonets:var1200-h_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
vonets var1200-l_firmware Affected: 0 , ≤ 3.3.23.6.9 (custom)
    cpe:2.3:o:vonets:var1200-l_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
vonets var600-h_firmware Affected: 0 , ≤ 3.3.23.6.9 (custom)
    cpe:2.3:o:vonets:var600-h_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
vonets vap11ac_firmware Affected: 0 , ≤ 3.3.23.6.9 (custom)
    cpe:2.3:o:vonets:vap11ac_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
vonets vap11g-500s_firmware Affected: 0 , ≤ 3.3.23.6.9 (custom)
    cpe:2.3:o:vonets:vap11g-500s_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
vonets vbg1200_firmware Affected: 0 , ≤ 3.3.23.6.9 (custom)
    cpe:2.3:o:vonets:vbg1200_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
vonets vap11s-5g_firmware Affected: 0 , ≤ 3.3.23.6.9 (custom)
    cpe:2.3:o:vonets:vap11s-5g_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
vonets vap11s_firmware Affected: 0 , ≤ 3.3.23.6.9 (custom)
    cpe:2.3:o:vonets:vap11s_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
vonets var11n-300_firmware Affected: 0 , ≤ 3.3.23.6.9 (custom)
    cpe:2.3:o:vonets:var11n-300_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
vonets vap11n-300_firmware Affected: 0 , ≤ 3.3.23.6.9 (custom)
    cpe:2.3:o:vonets:vap11n-300_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
vonets vap11g_firmware Affected: 0 , ≤ 3.3.23.6.9 (custom)
    cpe:2.3:o:vonets:vap11g_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
vonets vga-1000_firmware Affected: 0 , ≤ 3.3.23.6.9 (custom)
    cpe:2.3:o:vonets:vga-1000_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
vonets vap11g-300_firmware Affected: 0 , ≤ 3.3.23.6.9 (custom)
    cpe:2.3:o:vonets:vap11g-300_firmware:*:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Wodzen reported these vulnerabilities to CISA.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:vonets:var1200-h_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "var1200-h_firmware",
            "vendor": "vonets",
            "versions": [
              {
                "lessThanOrEqual": "3.3.23.6.9",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:vonets:var1200-l_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "var1200-l_firmware",
            "vendor": "vonets",
            "versions": [
              {
                "lessThanOrEqual": "3.3.23.6.9",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:vonets:var600-h_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "var600-h_firmware",
            "vendor": "vonets",
            "versions": [
              {
                "lessThanOrEqual": "3.3.23.6.9",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:vonets:vap11ac_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "vap11ac_firmware",
            "vendor": "vonets",
            "versions": [
              {
                "lessThanOrEqual": "3.3.23.6.9",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:vonets:vap11g-500s_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "vap11g-500s_firmware",
            "vendor": "vonets",
            "versions": [
              {
                "lessThanOrEqual": "3.3.23.6.9",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:vonets:vbg1200_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "vbg1200_firmware",
            "vendor": "vonets",
            "versions": [
              {
                "lessThanOrEqual": "3.3.23.6.9",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:vonets:vap11s-5g_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "vap11s-5g_firmware",
            "vendor": "vonets",
            "versions": [
              {
                "lessThanOrEqual": "3.3.23.6.9",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:vonets:vap11s_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "vap11s_firmware",
            "vendor": "vonets",
            "versions": [
              {
                "lessThanOrEqual": "3.3.23.6.9",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:vonets:var11n-300_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "var11n-300_firmware",
            "vendor": "vonets",
            "versions": [
              {
                "lessThanOrEqual": "3.3.23.6.9",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:vonets:vap11n-300_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "vap11n-300_firmware",
            "vendor": "vonets",
            "versions": [
              {
                "lessThanOrEqual": "3.3.23.6.9",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:vonets:vap11g_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "vap11g_firmware",
            "vendor": "vonets",
            "versions": [
              {
                "lessThanOrEqual": "3.3.23.6.9",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:vonets:vga-1000_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "vga-1000_firmware",
            "vendor": "vonets",
            "versions": [
              {
                "lessThanOrEqual": "3.3.23.6.9",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:vonets:vap11g-300_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "vap11g-300_firmware",
            "vendor": "vonets",
            "versions": [
              {
                "lessThanOrEqual": "3.3.23.6.9",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:vonets:vap11n-300_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "vap11n-300_firmware",
            "vendor": "vonets",
            "versions": [
              {
                "lessThanOrEqual": "3.3.23.6.9",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-39791",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-09T14:39:45.672202Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-21T20:05:07.240Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "VAR1200-H",
          "vendor": "Vonets",
          "versions": [
            {
              "lessThanOrEqual": "3.3.23.6.9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "VAR1200-L",
          "vendor": "Vonets",
          "versions": [
            {
              "lessThanOrEqual": "3.3.23.6.9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "VAR600-H",
          "vendor": "Vonets",
          "versions": [
            {
              "lessThanOrEqual": "3.3.23.6.9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "VAP11AC",
          "vendor": "Vonets",
          "versions": [
            {
              "lessThanOrEqual": "3.3.23.6.9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "VAP11G-500S",
          "vendor": "Vonets",
          "versions": [
            {
              "lessThanOrEqual": "3.3.23.6.9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "VBG1200",
          "vendor": "Vonets",
          "versions": [
            {
              "lessThanOrEqual": "3.3.23.6.9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "VAP11S-5G",
          "vendor": "Vonets",
          "versions": [
            {
              "lessThanOrEqual": "3.3.23.6.9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "VAP11S",
          "vendor": "Vonets",
          "versions": [
            {
              "lessThanOrEqual": "3.3.23.6.9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "VAR11N-300",
          "vendor": "Vonets",
          "versions": [
            {
              "lessThanOrEqual": "3.3.23.6.9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "VAP11G-300",
          "vendor": "Vonets",
          "versions": [
            {
              "lessThanOrEqual": "3.3.23.6.9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "VAP11N-300",
          "vendor": "Vonets",
          "versions": [
            {
              "lessThanOrEqual": "3.3.23.6.9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "VAP11G",
          "vendor": "Vonets",
          "versions": [
            {
              "lessThanOrEqual": "3.3.23.6.9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "VAP11G-500",
          "vendor": "Vonets",
          "versions": [
            {
              "lessThanOrEqual": "3.3.23.6.9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "VBG1200",
          "vendor": "Vonets",
          "versions": [
            {
              "lessThanOrEqual": "3.3.23.6.9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "VAP11AC",
          "vendor": "Vonets",
          "versions": [
            {
              "lessThanOrEqual": "3.3.23.6.9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "VGA-1000",
          "vendor": "Vonets",
          "versions": [
            {
              "lessThanOrEqual": "3.3.23.6.9",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Wodzen reported these vulnerabilities to CISA."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Stack-based buffer overflow vulnerabilities affecting Vonets\n\n\n\n \n\n industrial wifi bridge relays and wifi bridge repeaters, software versions \n3.3.23.6.9 and prior, enable an unauthenticated remote attacker to \nexecute arbitrary code."
            }
          ],
          "value": "Stack-based buffer overflow vulnerabilities affecting Vonets\n\n\n\n \n\n industrial wifi bridge relays and wifi bridge repeaters, software versions \n3.3.23.6.9 and prior, enable an unauthenticated remote attacker to \nexecute arbitrary code."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121 Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-08T19:36:17.337Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-214-08"
        }
      ],
      "source": {
        "advisory": "ICSA-24-214-08",
        "discovery": "EXTERNAL"
      },
      "title": "Vonets WiFi Bridges Stack-based Buffer Overflow",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Vonets has not responded to requests to work with CISA to mitigate these\n vulnerabilities. Users of the affected products are encouraged to \ncontact \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://usdhs-my.sharepoint.com/personal/grayson_gaylor_associates_cisa_dhs_gov1/_layouts/15/support@vonets.com\"\u003eVonets support\u003c/a\u003e for additional information.\n\n\u003cbr\u003e"
            }
          ],
          "value": "Vonets has not responded to requests to work with CISA to mitigate these\n vulnerabilities. Users of the affected products are encouraged to \ncontact  Vonets support https://usdhs-my.sharepoint.com/personal/grayson_gaylor_associates_cisa_dhs_gov1/_layouts/15/support@vonets.com  for additional information."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2024-39791",
    "datePublished": "2024-08-08T19:36:17.337Z",
    "dateReserved": "2024-07-30T16:15:10.126Z",
    "dateUpdated": "2024-08-21T20:05:07.240Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-39779 (GCVE-0-2024-39779)

Vulnerability from cvelistv5 – Published: 2025-02-12 21:19 – Updated: 2025-02-13 20:17
VLAI
Summary
Stack-based buffer overflow in some drivers for Intel(R) Ethernet Connection I219 Series before version 12.19.1.39 may allow an authenticated user to potentially enable denial of service via local access.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • Denial of Service
  • CWE-121 - Stack-based Buffer Overflow
Assigner
Impacted products
Vendor Product Version
n/a Intel(R) Ethernet Connection I219 Series Affected: before version 12.19.1.39
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-39779",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-13T20:17:30.670184Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-13T20:17:35.368Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Intel(R) Ethernet Connection I219 Series",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "before version 12.19.1.39"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in some drivers for Intel(R) Ethernet Connection I219 Series before version 12.19.1.39 may allow an authenticated user to potentially enable denial of service via local access."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 4.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of Service",
              "lang": "en"
            },
            {
              "cweId": "CWE-121",
              "description": "Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-12T21:19:14.558Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-00590.html",
          "url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-00590.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2024-39779",
    "datePublished": "2025-02-12T21:19:14.558Z",
    "dateReserved": "2024-06-29T03:00:06.361Z",
    "dateUpdated": "2025-02-13T20:17:35.368Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation MIT-10
Operation Build and Compilation

Strategy: Environment Hardening

  • Use automatic buffer overflow detection mechanisms that are offered by certain compilers or compiler extensions. Examples include: the Microsoft Visual Studio /GS flag, Fedora/Red Hat FORTIFY_SOURCE GCC flag, StackGuard, and ProPolice, which provide various mechanisms including canary-based detection and range/index checking.
  • D3-SFCV (Stack Frame Canary Validation) from D3FEND [REF-1334] discusses canary-based detection in detail.
Mitigation
Architecture and Design

Use an abstraction library to abstract away risky APIs. Not a complete solution.

Mitigation
Implementation

Implement and perform bounds checking on input.

Mitigation
Implementation

Do not use dangerous functions such as gets. Use safer, equivalent functions which check for boundary errors.

Mitigation MIT-11
Operation Build and Compilation

Strategy: Environment Hardening

  • Run or compile the software using features or extensions that randomly arrange the positions of a program's executable and libraries in memory. Because this makes the addresses unpredictable, it can prevent an attacker from reliably jumping to exploitable code.
  • Examples include Address Space Layout Randomization (ASLR) [REF-58] [REF-60] and Position-Independent Executables (PIE) [REF-64]. Imported modules may be similarly realigned if their default memory addresses conflict with other modules, in a process known as "rebasing" (for Windows) and "prelinking" (for Linux) [REF-1332] using randomly generated addresses. ASLR for libraries cannot be used in conjunction with prelink since it would require relocating the libraries at run-time, defeating the whole purpose of prelinking.
  • For more information on these techniques see D3-SAOR (Segment Address Offset Randomization) from D3FEND [REF-1335].

No CAPEC attack patterns related to this CWE.