{"vulnerability": "cve-2024-5095", "sightings": [{"uuid": "98733ce7-1787-4b5c-83c9-89270f5bb406", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50954", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1791", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-50954\n\ud83d\udd39 Description: The XINJE XL5E-16T and XD5E-24R-E programmable logic controllers V3.5.3b-V3.7.2a have a vulnerability in handling Modbus messages. When a TCP connection is established with the above series of controllers within a local area network (LAN), sending a specific Modbus message to the controller can cause the PLC to crash, interrupting the normal operation of the programs running in the PLC. This results in the ERR indicator light turning on and the RUN indicator light turning off.\n\ud83d\udccf Published: 2025-01-15T00:00:00\n\ud83d\udccf Modified: 2025-01-15T16:50:13.381731\n\ud83d\udd17 References:\n1. https://github.com/Curator-Kim/Vulnerability-mining/blob/master/XINJE%20XL5E-16T%20XD5E-24R%20Modbus/XINJE%20XL5E-16T%20XD5E-24R%20Modbus.md", "creation_timestamp": "2025-01-15T16:54:31.000000Z"}, {"uuid": "81651d1f-b04b-4969-a9cc-bd0a00d72531", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50953", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfsbdvind72n", "content": "", "creation_timestamp": "2025-01-15T17:15:41.759388Z"}, {"uuid": "6cab49e5-903a-4d2c-a373-65bd6c526903", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50954", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfsbdxyurn2j", "content": "", "creation_timestamp": "2025-01-15T17:15:44.450377Z"}, {"uuid": "79771fc1-defe-4e50-996b-fc0b60418bbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50955", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7470", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-50955\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue in how XINJE XD5E-24R and XL5E-16T v3.5.3b handles TCP protocol messages allows attackers to cause a Denial of Service (DoS) via a crafted TCP message.\n\ud83d\udccf Published: 2024-11-13T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-13T18:32:48.715Z\n\ud83d\udd17 References:\n1. https://github.com/Curator-Kim/Vulnerability-mining/blob/master/XINJE%20XD5E-24R%20XL5E-16T%20TCP%20DoS/XINJE%20XD5E-24R%20XL5E-16T%20TCP%20DoS.md", "creation_timestamp": "2025-03-13T18:42:32.000000Z"}, {"uuid": "e91271df-066c-4af3-906f-67efef910c30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50956", "type": "seen", "source": "https://t.me/cvedetector/10896", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50956 - Inovance Modbus Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-50956 \nPublished : Nov. 13, 2024, 10:15 p.m. | 33\u00a0minutes ago \nDescription : A buffer overflow in the RecvSocketData function of Inovance HCPLC_AM401-CPU1608TPTN 21.38.0.0, HCPLC_AM402-CPU1608TPTN 41.38.0.0, and HCPLC_AM403-CPU1608TN 81.38.0.0 allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted Modbus message. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T23:55:57.000000Z"}, {"uuid": "c04f1fdb-e23d-4a28-900c-16b33ef38811", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50955", "type": "seen", "source": "https://t.me/cvedetector/10895", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50955 - XINJE XD5E-24R XL5E-16T TCP DoS\", \n  \"Content\": \"CVE ID : CVE-2024-50955 \nPublished : Nov. 13, 2024, 10:15 p.m. | 33\u00a0minutes ago \nDescription : An issue in how XINJE XD5E-24R and XL5E-16T v3.5.3b handles TCP protocol messages allows attackers to cause a Denial of Service (DoS) via a crafted TCP message. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T23:55:57.000000Z"}]}