CRITICAL🇵🇱 Wersja polska

CVE-2024-24963

CVSS 9.8v3.1pub. 2024-05-28upd. 2025-02-12

A stack-based buffer overflow vulnerability exists in the Programming Software Connection FileSelect functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to stack-based buffer overflow. An attacker can send an unauthenticated packet to trigger this vulnerability.This CVE tracks the stack-based buffer overflow that occurs at offset `0xb6e84` of v1.2.10.9 of the P3-550E firmware.

🤖 AI Analysis
How it works

The vulnerability lies in the handling of FileSelect functionality in the Programming Software Connection component. Transmission of a properly crafted network packet causes a stack-based buffer overflow at offset 0xb6e84 of the P3-550E firmware in version 1.2.10.9. The mechanism does not require prior authentication or any user interaction, making the attack possible to conduct remotely over the network without additional prerequisites.

Impact

Successful exploitation of the vulnerability may enable an attacker to remotely execute arbitrary code (RCE) on the device with the privileges of the process handling the connection, which in an industrial environment could lead to takeover of the controller and disruption of automation processes.

Mitigation & patch

Patches available from the manufacturer should be applied in accordance with the references. Temporarily, it is recommended to isolate P3-550E devices from untrusted networks, restrict access to the devices only to authorized engineering stations using a firewall or VLAN networks, and monitor network traffic directed to these controllers.

Who is affected

AutomationDirect P3-550E firmware in version 1.2.10.9 and AutomationDirect P3-550 (firmware versions indicated in the manufacturer's references)

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Automationdirect P1 540

    HW
    Automationdirect
    wszystkie wersje
  • Automationdirect P1 540 Firmware

    OS
    Automationdirect
    1.2.10.104.1.1.10
  • Automationdirect P1 550

    HW
    Automationdirect
    wszystkie wersje
  • Automationdirect P1 550 Firmware

    OS
    Automationdirect
    1.2.10.104.1.1.10
  • Automationdirect P2 550

    HW
    Automationdirect
    wszystkie wersje
  • Automationdirect P2 550 Firmware

    OS
    Automationdirect
    1.2.10.104.1.1.10
  • Automationdirect P3 530

    HW
    Automationdirect
    wszystkie wersje
  • Automationdirect P3 530 Firmware

    OS
    Automationdirect
    1.2.10.94.1.1.10
  • Automationdirect P3 550

    HW
    Automationdirect
    wszystkie wersje
  • Automationdirect P3 550e

    HW
    Automationdirect
    wszystkie wersje
  • Automationdirect P3 550e Firmware

    OS
    Automationdirect
    1.2.10.94.1.1.10
  • Automationdirect P3 550 Firmware

    OS
    Automationdirect
    1.2.10.94.1.1.10
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Memory
CWE
References

Related vulnerabilities

CVE-2024-24962CRITICAL9.8PL ✓ten sam produkt

Stack-based buffer overflow w AutomationDirect P3-550E — zdalny RCE bez uwierzytelnienia

CVE-2024-21785CRITICAL9.8PL ✓ten sam produkt

AutomationDirect P3-550E — nieusunięty kod debugowania w interfejsie Telnet

CVE-2024-23601CRITICAL9.8PL ✓ten sam produkt

AutomationDirect P3-550E — code injection przez plik scan_lib.bin

CVE-2024-22187CRITICAL9.1PL ✓ten sam produkt

Dowolny zapis w pamięci (write-what-where) w AutomationDirect P3-550E

CVE-2024-24851HIGH7.5ten sam produkt

A heap-based buffer overflow vulnerability exists in the Programming Software Connection FiBurn functionality ...